ove 

Wi-Fi  competition 

We  test  6  dual-band  802.11n  routers 
for  performance,  ease  of  use  and  security. 

Page  26  ► 


hottest 

TECH  ARGUMENTS 


Network  World  has  assembled  33 
primers  examining  today’s  most 
explosive  and  intriguing  networking 
and  IT  issues.  See  the  articles  on 
data  center  fabric  wars  and 
employee-owned  mobile  devices 
on  page  11.  For  the  rest,  go  online:  r 
tinyurl.com/4xvlj8c  _ d 
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Windows  Phone 
gaining  traction 

Microsoft  hoping  new  AT&T  phones 
will  accelerate  that  momentum 

BY JOHN  COX 

MICROSOFT  ON  Monday  is  expected  to  unveil  several 
AT&T-branded  Windows  Phone  handsets  —  a  move  that 
comes  at  a  time  when  the  company’s  radically  changed 
smartphone  OS  seems  finally  to  be  gaining  traction. 

Some  industry  analysts  have  been  revising  upward  their 
projections  for  Windows  Phone  unit  sales,  in  part  due  to 
Nokia’s  announcement  earlier  this  month  of  the  first  of  a  new 
family  of  smartphones  based  on  the  Microsoft  firmware. 

Other  data  finds  growing  interest  in  Windows  Phone  —  at 
least  among  those  consumers  who  are  aware  of  it.  A  Septem¬ 
ber  consumer  survey  found  that  44%  of  smartphone  owners, 
and  those  who  intend  to  buy  one,  are  considering  buying  a 
Windows  Phone  7  handset,  according  to  NPD  Group’s  Con¬ 
nected  Intelligence  service. 

“It’s  much  better  than  many  people  give  it  credit  for,”  says 
Ken  Dulaney,  vice  president  of  mobile  at  Gartner.  “The  new 
hardware  is  much  better  and  will  compel  users  to  give  it  a 
shot.” 

A1  Hilwa,  program  director  for  applications  development 

►  See  Microsoft, page  16 
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Reliability  for  your  growing  business. 
Expertise  you  can  depend  on. 

The  IBM  System  x3650  M3  Express®  server  with  the  latest  Intel®  Xeon®  processor  5600 
series  offers  you  the  reliability  to  run  business-critical  workloads.  Its  comprehensive 
system  management  tools  constantly  monitor  the  health  of  the  system  and  help  you 
easily  diagnose  an  impending  issue.  The  reliable  x3650  M3,  with  the  valuable  expertise 
of  IBM  Business  Partners,  can  help  you  to  confidently  run  your  business. 

Rated  No.  1  in  Server  Customer  Satisfaction  by  TBR  for  the  8th  consecutive  quarter.1 


IBM  System  x3650  M3  Express 

$2,799 

OR  $80/MONTH  FOR  36  MONTHS2 
PN:  7945-E6U 


IBM  System  x3400  M3  Express 


$1,699 

OR  $49/MONTH  FOR  36  MONTHS2 
PN:  7379-E5U 


Improve  cost-effectiveness  with  higher  performance  per  watt 
Simplify  management  and  serviceability  with  flexible  design 
Manage  risk  with  resilient  architecture 


Optimum  performance  and  processing  capability  at  a  low  cost 

Large  storage  capacity  and  flexible  configurations  to  scale  as  needs  grow 

Reduced  energy  costs  and  simple  management 


IBM  System  Storage®  EXP2500  Express 

$3,399 

OR  $97/MONTH  FOR  36  MONTHS2 
PN:  174712X 

Designed  for  IBM  System  x  direct  attachment  via  ServeRAID  M5025  adapter 
High  capacity,  with  support  for  multiple  enclosures  per  configuration 
High  availability  and  reliability,  with  dual  AC  power  supplies  and  fans 


IBM  Systems  Consolidation  Evaluation  Tool 

See  how  much  you  can  save  on  your  IT  costs. 

Log  on  at  ibm.com/systems/reliability 


Contact  the  IBM  Concierge  to  help  you 
connect  to  the  right  IBM  Business  Partner. 

1  866-872-3902  (mention  601BB01A) 


or 


Search  x3650m3 


'TBR  2Q11  x86-Based  Servers:  Corporate  IT  Buying  Behavior  &  Customer  Satisfaction  Study,  August  2011. 

2Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified 
commercial  and  government  customers.  Monthly  payments  provided  are  for  planning  purposes  only  and  may  vary  based  on  your  credit  and  other 
factors.  Lease  offer  provided  is  based  on  an  FMV  lease  of  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  to  change, 
extension  or  withdrawal  without  notice.  IBM  hardware  products  are  manufactured  from  new  parts  or  new  and  serviceable  used  parts.  Regardless,  our 
warranty  terms  apply.  For  a  copy  of  applicable  product  warranties,  visit  http://www.ibm.com/servers/support/machine_warranties.  IBM  makes  no 
representation  or  warranty  regarding  third-party  products  or  services.  IBM,  the  IBM  logo,  Express,  System  Storage  and  System  x  are  registered  trademarks 
of  International  Business  Machines  Corporation,  registered  in  many  jurisdictions  worldwide.  Other  product  and  service  names  might  be  trademarks  of 
IBM  or  other  companies.  For  a  current  list  of  IBM  trademarks,  see  www.ibm.com/legal/copytrade.shtml.  Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside 
are  trademarks  of  Intel  Corporation  in  the  U.S.  and  other  countries.  All  prices  and  savings  estimates  are  subject  to  change  without  notice,  may 
vary  according  to  configuration,  are  based  upon  IBM’s  estimated  retail  selling  prices  as  of  9/22/11  and  may  not  include  storage,  hard  drive,  operating 
system  or  other  features.  Reseller  prices  and  savings  to  end  users  may  vary.  Products  are  subject  to  availability.  This  document  was  developed  for 
offerings  in  the  United  States.  IBM  may  not  offer  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  Contact  your  IBM 
representative  or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geographic  area.  ©2011  IBM  Corporation.  All  rights  reserved. 
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FROM  THE  EDITOR  JOHN  DIX 

Assessing  the 
APT  threat 

Do  security  vendors  secretly  create  the 

attacks  their  tools  are  designed  to  ward  off?  Of 
course  not,  but  that  old  chestnut  hints  at  a  broader 
suspicion  about  whether  the 
current  state  of  security  is 
really  as  bad  as  the  security 
firms  make  it  out  to  be,  espe¬ 
cially  when  it  comes  to  the  latest  poster  child: 
advanced  persistent  threats. 

To  ascertain  just  how  real  the  APT  threat  is,  the  Enter¬ 
prise  Strategy  Group  surveyed  244  security  profes¬ 
sionals  in  companies  with  more  than  1,000  employees. 

“When  we  started  this  project  there  was  a  fair  amount  of  debate  about  APTs,”  says 
Jon  Oltsik,  a  principal  analyst  at  ESG  and  a  Network  World  blogger.  “Was  this  type 
of  attack  real  and  unique  or  were  APTs  nothing  more  than  a  marketing  term  to  add 
an  alarming  label  to  pedestrian  types  of  cyber  attacks?” 

The  pros  are  divided.  Some  50%  view  APTs  —  examples  of  which  include 
Stuxnet,  Aurora  and  Zeus  —  as  a  unique  type  of  threat,  while  48%  say  they  are 
somewhat  unique  but  similar  to  other  threats,  and  2%  say  they  are  not  unique. 

It  appears  the  more  you  know  about  APTs,  the  more  likely  you  are  to  perceive 
them  as  unique.  Most  CISOs  said  “they  didn’t  think  APTs  were  anything  new  until 
they  were  attacked,”  Oltsik  writes  (see  tinyurl.com/3kmac5n).  “As  they  watched 
APT  attacks  unfold,  they  were  blown  away  by  how  they  adapted,  moved  around 
the  network,  rooted  themselves  in  systems,  and  used  sophisticated  (and  often 
homegrown)  innovation  to  fool  security  tools  and  remain  stealthy.” 

The  actual  attack  rates  are  surprising.  Some  20%  of  those  surveyed  said  they  are 
certain  they  have  been  targeted,  while  another  39%  said  they  are  fairly  certain  they 
have  been  targeted.  The  latter  is  telling  given  that  stealth  and  patience  are  hall¬ 
marks  of  APT  attacks.  Operation  Aurora,  originally  directed  at  Google,  spanned 
nine  months.  (See  “Living  with  the  knowledge  that  we’re  infected”;  tinyurl. 
com/4xng3po.) 

What  are  companies  doing  to  fight  back?  Some  50%  do  formal  penetration 
testing  one  or  more  times  per  quarter,  and  for  up-to-the-minute  information  about 
ongoing  attacks,  68%  rely  on  net  management  tools,  51%  use  log  file  analysis,  43% 
use  IDS/IPS  alerts  and  41%  lean  on  SIEM  tools. 

Of  the  survey  respondents  that  are  most  prepared  for  APTs,  90%  say  they  have 
implemented  new  or  modified  security  processes  to  deal  with  APTs,  while  60% 
have  invested  in  new  defense  technologies.  Training  is  also  key:  56%  of  this  group 
say  they  are  adding  APT  training  for  the  security  staff,  while  more  than  half  will 
also  train  general  employees  about  the  threats.  (This  comprehensive  study  has 
many  other  relevant  findings;  see  tinyurl.com/3go4ep9  to  learn  more.) 

The  take-away  seems  to  be  this:  Those  that  know  the  most  are  most  afraid  of 
APTs.  So  if  you’re  not  sweating  them,  maybe  you  should  be. 
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Hyper-V  vs.  VMware 

©  WHILE  I  AGREE  that  “next  version  will  be 
great”  is  always  a  bit  suspect,  the  current 
version  of  Hyper-V  has  a  lot  going  for  it. 
When  our  company  priced  out  VMware 
for  a  new  deployment  we  couldn’t  get  over 
the  fact  that  we  could  either  buy  Windows 
data  center  licenses  plus  VMware,  or  just 
buy  data  center  licenses  and  run  Hyper-V 
for  no  additional  cost  (Re:  “Microsoft 
claims  Hyper-V  will  leapfrog  VMware”; 
tinyurl.com/61xhse9). 

I  would  never  argue  Hyper-V  is  as  good, 
but  for  the  cost  it’s  more  than  good  enough. 

Matthew  Cary 


devices  crowd  2.4GHz  band;  IT  looks  to 
5GHz”;  tinyurl.com/3qap6xp). 

jsicuran 

Tech  pros  in  demand 

©  THE  LITTLE  EMPHASIS  here  on  security 
professionals  and  security  strategies 
confirms  again  that  security  is  still  an 
afterthought  to  most  businesses  despite 
cybersecurity  being  a  hot  topic  with  the 
Obama  administration.  SMBs  have  the 
responsibility  to  secure  their  space  in 
cyberspace  just  as  much  as  the  govern¬ 
ment  (Re:  “5  tech  pros  companies  want  to 
hire”;  tinyurl.com/3wgqyhx). 

Matthews  Tech  Hero 


Defeating  CAPTCHAs 

©  ULTIMATELY,  A  CAPTCHA  isaTuring 
test  administered  by  a  machine.  The  very 
concept  is  doomed  to  failure,  because 
anything  that  a  machine  can  administer,  a 
machine  can  pass.  It’s  just  a  matter  of  time 
before  someone  develops  the  necessary 
software,  or  deploys  it  on  sufficiently  fast 
hardware,  to  brute-force  it  somehow  (Re: 
“Researchers  defeat  CAPTCHA  on  popu¬ 
lar  websites”;  tinyurl.com/6c9dw8f). 

Advice  to  anyone  running  a  simple 
Web  forum  or  other  low-key  site:  Don’t 
use  traditional  CAPTCHAs.  Use  one  of 
those  simple  question/answer  systems 
(“What  is  the  fourth 
word  in  this  sen¬ 
tence?”)  —  that’ll  keep 
most  botsout. 

(This  advice  does 
not  apply  to  huge  sites 
that  will  themselves  be 
targeted  by  spambots. 

Those  need  something 
more  sophisticated. 

But  you  don’t  need  a 
jackhammer  to  drive  a 
single  nail.) 

Chris  Angelico 


Taking  the  iPhone  leap 

©  YOUR  LEAP  TO  Apple  is  not  just  some 
fluke.  It’s  happening  in  droves  as  busi¬ 
ness  folks  look  at  the  experience  others 
are  having  with  an  iPhone.  As  more 
businesses  warm  up  to  the  iPhone’s 
enterprise  possibilities,  RIM  will  be  in 
survival  mode.  Just  like  Nokia,  they  sat 
around  in  the  board  room  in  denial  about 
what  impact  Apple  would  have.  Instead 
of  acting,  they  waited  and  are  now  in  the 
fight  of  their  life  (Re:  “A  BlackBerry  user’s 
first  impressions  of  his  new  iPhone  4S”; 
tinyurl.com/42s4ctg). 

jasper 527 


I’m  now  sold  on 
open  source 
as  the  future  of 
PC  software  - 
and  hopefully 
beyond. 


Unbalanced  Wi-Fi 

©MOSTOFTHE  newer  controller  or  mesh 
type  Wi-Fi  systems  can  load  balance 
client  radios  between  the  2.4GHz  and 
5GHz.  So  it  is  a  matter  of  planning  your 
migration  of  client  device  radios  to  dual 
2.4GHz/5GHz  and  your  infrastructure  to 
support  both.  Eventually  the  junk  band 
will  be  left  to  the  games  and  legacy  apps 
that  need  the  lower  rates  and  the  “intel¬ 
ligent”  Wi-Fi  system  will  move  the  rest 
of  the  clients  to  the  5GHz  side  (Re:  “Wi-Fi 


The  Ubuntu 
experiment 

©  I’M  GLAD  YOU  gave 
Ubuntu  a  detailed  try. 
I’ve  been  a  huge  fan  of 
Ubuntu  since  Release 
6,  and  I  agree  with  you 
on  Unity  —  I  wish  they 
had  left  the  UI  alone. 
Wholesale  changes 
like  this  have  poten¬ 
tially  large  associated 

_  operating  costs.  But, 

Ubuntu  is  free,  and 

offers  a  huge  amount  of  function  at  that 
price.  I’ve  installed  it  on  at  least  a  dozen 
computers  ranging  from  Nano-ITX  to 
microATX,  and  I’ve  had  only  one  or  two 
problems  that  required  a  little  tweaking. 
I’m  now  sold  on  open  source  as  the  future 
of  PC  software  —  and  hopefully  beyond 
(Re:  “Two  weeks  with  Ubuntu  instead  of 
Windows  7”;  tinyurl.com/3sy9a39). 

I  hope  many  more  will  give  Ubuntu  a  try. 

farpointl 
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TOUGH  QUESTION  #18 


NETWORK  SECURE  WEB.  AND  E-MAlL  '  BACKUP  AND  POLICY  AND 

SECURITY  REMOTE  ACCESS  SECURITY  RECOVERY  MANAGEMENT 


WHO  MAKES  THE  HIGHEST  PERFORMANCE 
LOW  LATENCY  NEXT-GEN  FIREWALL? 


WAN  J, 

acceleration 


APPLO 
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DPi-SSL 
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BANDWIDTH 

MANAGEMENT 


SON  1C  WALL 
ENTERPRISE. 


SonicWALL®  enables  IT  to  get  back  in  control  and  more  easily  and  efficiently  stay  ahead 
of  today’s  constantly  evolving  threats  and  application-related  issues.  An  advanced 
security  platform  consolidates  core  Next-Gen  Firewall  application  intelligence,  ,  control 
and  visualization,  gateway  protection,  and  inspection  for  SSL  encrypted  sessions 
for  enterprises  along  with  WAN  acceleration  for  distributed  offices.  SonicWALL’s  low 
latency  platform  scans  and  secures  every  packet  of  every  protocol,  efficiently  securing 
the  network,  controlling  Web  2.0  apps,  and  optimizing  bandwidth. 

Secure  network  optimization  that  minimizes  complexity  and  latency  is  how  within 
reach.  Learn  about  our  SuperMassive  El  0000  Series  and  the  rest  of  our  network 
security  line-up  at  sonicwalLcpirfi/oif^imize.  ' 


€>2011  SonicWALL,  Inc.  SonicWALL  and  the  SonicWALL  logo  are  registered  trademarks  ot  SonicWALL,  Inc, 
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Russia,  China  will  be 
looking  in  on  you 

RUSSIA  AND  CHINA  will  be  stepping  up  their  cyber  espio¬ 
nage  efforts  in  the  pharmaceutical,  defense  and  manufactur¬ 
ing  sectors  according  to  a  government  report  released  last 
week.  The  two  countries  were  singled  out  in  the  report  from 
the  Office  of  the  National  Counterintelligence  Executive,  which 
recommended  that  organizations  encrypt  information,  use 
multifactor  authentication  and  conduct  real-time  monitoring 
of  networks.  The  study  covers  2009  through  this  year  and  is 
part  of  a  law  that  requires  the  U.S.  president  to  send  Congress 
a  biennial  report  on  the  threat  to  U.S.  industry  from  industrial 
espionage,  tinyurl.com/3j43nay 
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Nitro  hackers  use 
stock  malware  to 
steal  chemical, 
defense  secrets 

ATTACKERS  USED  an  off-the- 
shelf  Trojan  horse  to  sniff  out 
secrets  from  nearly  50  compa¬ 
nies,  many  of  them  in  the  chemi¬ 
cal  and  defense  industries, 
Symantec  researchers  report. 
The  attack  campaign  —  dubbed 
“Nitro"  —  started  in  July  and 


continued  until  mid-September, 
targeting  an  unknown  number 
of  companies  and  infecting  at 
least  48  with  the  widely  avail¬ 
able  “Poison  Ivy”  remote-access 
Trojan  (RAT).  The  malware  has 
been  implicated  in  numerous 
attacks,  including  the  March 
campaign  against  RSA  Security 
that  netted  information  about 
that  company’s  SecurlD  authen¬ 
tication  token  technology.  “Nitro 
wasn’t  at  the  level  of  sophisti¬ 
cation  of  a  Stuxnet,”  said  Jeff 
Wilhelm,  a  senior  researcher 


with  Symantec,  “but  there  are 
similarities  with  other  advanced 
threats.”  tinyurl.com/3s52op8 

IT  pros  staying 
put,  expecting 
raises 

THERE’S  CAUSE  for  content 
ment  among  IT  pros,  many  of 
whom  are  staying  in  their  cur¬ 
rent  jobs  due  to  a  combination 
of  lingering  economic  concerns 
and  improving  conditions 
at  work.  In  a  survey  of  500 
IT  pros,  staffing  firm  Modis 
found  the  majority  (89%)  are 
happy  with  their  jobs.  Nearly 
two-thirds  (64%)  said  they 
intend  to  stay  with  their  current 
employer,  and  25%  said  they’d 
only  leave  if  the  right  opportu¬ 
nity  came  along.  Just  11%  are 
unhappy  with  their  current 
position,  which  includes  4%  of 
respondents  who  are  actively 
searching  for  a  new  job.  On 
the  hiring  front,  28%  of  the 
pros  surveyed  said  they  think 
their  team  will  increase  (either 
marginally  or  significantly)  in 
the  coming  year,  and  65%  said 
headcount  will  stay  the  same. 
Just  6%  expect  headcount  to 
decrease.  IT  pros  are  mixed  on 
salary  increases,  but  the  largest 
percentage  (44%)  expect  to  be 
offered  a  raise  in  2012.  tinyurl. 
com/3sbyn6n 

Anti-tracking 

tools 

unimpressive, 
study  finds 

PEOPLE  WHO  want  to  limit 
the  behavioral  advertising  and 
tracking  they’re  subjected  to  on 
the  Web  aren’t  well  served  by 
popular  privacy  tools,  according 
to  a  Carnegie  Mellon  University 
study.  The  nine  tools  evaluated 
in  the  study,  which  included  IE 


and  Firefox  components,  were 
generally  too  complicated  and 
confusing,  leading  to  misuse. 
Each  tool  was  tried  out  by  five 
participants,  and  researchers 
observed  how  participants 
installed  and  configured  the 
tools,  then  recorded  the  users’ 
perceptions  and  opinions. 
“None  of  the  nine  tools  we  tested 
empowered  study  participants 
to  effectively  control  tracking 
and  behavioral  advertising 
according  to  their  personal  pref¬ 
erences,”  the  researchers  wrote. 
tinyurl.com/3dfaqvt 


HP  back  in  the 
device  game 

LESS  THAN  a  week  after  HP 
announced  it  would  retain  its 
PC  unit,  the  company  unveiled 
the  new  Slate  2  tablet  with 
Windows  7.  Starting  at  $699,  the 
Slate  2  has  an  8.9-inch  capaci¬ 
tive  touch  display  and  a  faster 
processor  (an  Intel  Atom  Z670 
processor)  than  its  predecessor. 
Despite  tepid  interest  in  its  first 
offering,  the  company  seems 
to  be  hoping  the  controls  it 
builds  in  will  appeal  to  business 
customers.  Data  on  the  tablet 
can  be  remotely  wiped  in  case  of 
theft,  and  HP  is  bundling  Abso¬ 
lute  Software’s  Computrace  Pro, 
which  helps  track  lost  tablets. 
The  tablet’s  chip  also  includes 
Trusted  Platform  Management, 
a  hardware-based  cryptography 
and  authentication  technology. 
tinyurl.com/3ulv325 
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Assange  loses 
appeal 

WikiLeaks  founder  Julian 
Assange  lost  an  appeal 
that  tried  to  block  his 
extradition  to  Sweden  on 
potential  charges  of  rape 
and  molestation. 
tinyurl.com/3z29vkc 


IE  usage  drops. 
Chrome  gains 

IT  WON’T  be  long  before 
Microsoft’s  share  of  the  desktop 
browser  market  dips  below 
50%,  if  Internet  Explorer 
continues  to  lose  usage  share  at 
its  current  clip.  In  the  month  of 
October,  IE  lost  nearly  two  per¬ 
centage  points,  falling  to  52.63% 
of  the  desktop  browser  market 
from  54.39%  in  September, 
according  to  Net  Applications 
.com.  Google’s  Chrome  browser 
picked  up  a  good  portion  of  IE’s 
loss,  boosting  its  share  to  17.62% 
of  the  desktop  market,  up  from 
16.2%  a  month  earlier.  Firefox 
held  onto  the  No.  2  position  with 
a  22.51%  share  (compared  to 
22.48%  in  September).  Safari 
continues  to  dominate  the 
mobile/tablet  browser  market, 
ending  October  with  a  com¬ 
manding  62.17%  share  —  a  gain 
of  more  than  6.5  percentage 
points  from  55.59%  in  Septem¬ 
ber.  tinyurl.com/4xw5ncj 

IBM's  Watson 
edges  Harvard 
students  in 
'feopardy!'  quiz 

IBM’S  WATSON  supercom¬ 
puter  eked  out  a  victory  in  a 


“Jeopardy!”  quiz-show  battle 
with  a  trio  of  Harvard  Business 
School  students  last  week,  pull¬ 
ing  out  the  win  with  a  higher 
wager  on  the  Final  Jeopardy! 
clue  that  ends  every  game.  Both 
Watson  and  the  HBS  students 
got  the  final  answer,  Mount 
Rushmore,  correct,  but  Watson 
bet  more  of  its  winnings  and 
ended  up  with  $56,331  to 
HBS’  $42,399.  A  team  from 
the  Massachusetts  Institute 
of  Technology’s  Sloan  School 
of  Management  also  played 
but  couldn’t  find  its  rhythm 
during  the  contest,  and  ended 
up  with  just  $100.  tinyurl. 
com/4yjgqk9 

Finally,  an  easy 
way  for  mobile 
devices  to 
use  corporate 
printers 

A  NEW  client  -server  applica¬ 
tion  lets  most  mobile  devices 
wirelessly  use  corporate  print¬ 
ers  without  having  to  change 
the  smartphones,  tablets  or 
the  printers.  Mobile  operating 
systems  typically  lack  the  driv¬ 
ers  and  other  software  needed 
to  send  and  manage  print  jobs, 
though  they  can  make  use  of 
personal  desktop  printers. 

EFI’s  new  PrintMe  Mobile 
runs  as  a  Windows  application 
behind  the  firewall,  and  exploits 


features  in  the  iOS,  Android 
and  BlackBerry  OS  firmware 
to  mimic  the  kind  the  print  capa¬ 
bilities  users  are  accustomed 
to  with  their  laptops.  The  EFI 
application  will  display  to  the 
user  a  list  of  authorized  printers 
and  then  manage  the  print  job 
on  the  user’s  behalf,  tinyurl. 
com/3rtf8mn 

Apple  promises 
software 
fixforiOS5 
battery  woes 

APPLE  IS  confirming  what 
owners  of  the  iPhone  4S  and 
other  iOS  devices  already  know: 
The  latest  version  of  its  mobile 
OS  —  iOS  5  —  seems  to  suck 
more  juice  than  the  previous 
version.  The  company  says  it 
plans  to  release  an  update  to 
address  the  problem.  Apple  ini¬ 
tially  promised  that  the  power- 
efficient  AS  processors  in  the  4S 
would  deliver  eight  hours  of  talk 
time  on  3G,  14  hours  on  AT&T’s 
EDGE  network,  six  hours  of 
3G  browsing,  nine  hours  of 
Wi-Fi,  10  hours  of  video  and 
40  hours  of  listening  to  music. 
But  users  have  been  complain¬ 
ing  that  they’re  getting  far  less 
than  that,  and  that  they  need  to 
charge  their  iPhones  and  iPads 
far  more  frequently  than  they 
did  when  they  were  using  iOS  4. 
tinyurl.com/3s4dors 


IBM  tunes 
solar  power  for 
data  centers 

IBM  IS  rolling  out  a  solar- 
power  system  designed  to  run 
high-voltage  data  centers.  The 
first  iteration  of  the  system, 
installed  on  a  6,000-square-foot 
rooftop  in  Bangalore,  is  capable 
of  providing  a  50-kilowatt  sup¬ 
ply  of  electricity  for  up  to  330 
days  a  year,  for  an  average  of  five 
hours  a  day.  By  employing  high- 
voltage  DC  power  condition¬ 
ing  methods  —  and  reducing 
AC-DC  conversion  losses  —  the 
new  IBM  solution  can  cut 
energy  consumption  of  data 
centers  by  about  10%,  IBM  esti¬ 
mates.  tinyurl.com/3sys27q 

Tablet  sales 
weak  if  you're 
not  Apple 

WHILE  THE  iPad  continues 
to  be  a  big  success,  the  tablet 
market  offers  a  harsher  climate 
to  vendors  other  than  Apple. 
Motorola  sold  only  100,000 
Xooms  during  the  third  quarter, 
while  Apple  sold  more  than 
11  million  iPads  in  the  same 
period.  Meanwhile,  Research 
in  Motion  sold  just  200,000  of 
its  critically  slammed  Play- 
Book  tablet  between  June  and 
August.  So  far,  Samsung  has 
been  the  most  successful  chal¬ 
lenger,  selling  about  1.6  million 
Galaxy  tablets  during  the  third 
quarter,  according  to  data  from 
market  research  company 
Canalys.  Predicted  to  outsell  all 
other  challengers  is  Amazon, 
which  has  seen  such  pre-order 
demand  for  its  upcoming  $199 
Kindle  Fire  that  it  decided  to 
ramp  up  production,  tinyurl. 
com/6zvvnqo 
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Fabric  wars:  Cisco  vs. 
Brocade  vs  Juniper 


BYJIM  DUFFY 


THE  PAST  three  years  have  been  very  noisy 
on  the  data  center  fabric  and  architecture 
front.  Every  quarter  seems  to  bring  about 
a  new  convergence  blueprint  from  another 
vendor  —  and  a  variety  from  one  or  two. 

Fibre  Channel  over  Ethernet  (FCoE)  is 
being  pushed  hard  by  Cisco.  It  consolidates 
server  adapter  ports  by  tunneling  FCoE 
instead  of  requiring  a  separate  Fibre  Chan¬ 
nel  network. 

FCoE  with  Cisco’s  FabricPath  lossless 
Ethernet  software  on  the  company’s  Nexus 
switches  forms  the  network  backbone. 
But  Cisco  is  also  looking  to  unify  compute 
and  storage  with  the  network  through  its 
Unified  Computing  System  (UCS),  which 
includes  Cisco  blade  servers  with  memory 
extensions  to  accommodate  a  high  num¬ 
ber  of  virtual  machines  and  their  service 
profiles. 

FCoE  is  a  standard,  but  FabricPath  and 
UCS  are  Cisco-specific  innovations.  Cisco 


says  FabricPath  supports  the  lETF’s  TRILL 
method  for  solving  scalability  problems  in 
data  center  networks,  but  is  also  a  “superset” 
ofit. 

Brocade  has  some  FCoE  products  but  is 
not  as  bullish  as  Cisco  on  the  technology. 
That’s  because  Brocade  has  the  lion’s  share 
of  the  Fibre  Channel  SAN  market  —  it  would 
lose  Fibre  Channel  revenue  to  Cisco,  which 
has  65%  or  more  of  the  Ethernet  switching 
market,  if  the  FCoE  market  takes  off. 

Brocade  also  claims  its  BrocadeOne 
architecture  is  standards-compliant  in  that 
it  also  supports  TRILL  and  the  IEEE’s  Data 
Center  Bridging  standard  for  lossless  Eth¬ 
ernet.  Its  fabric  element  is  Virtual  Cluster 
Switching  (VCS),  which  was  developed  to 
provide  a  lossless,  low  latency,  determinis¬ 
tic  multi-path  Ethernet  network. 

BrocadeOne  seeks  to  transform  physical 
data  center  assets  and  resources  into  vir¬ 
tual  services  allocated  via  software  com¬ 
mands  rather  than  physical  relocation  or 
►  See  Fabric, page  12 


Corporate-  vs.  employee- 
owned  mobile  devices 


BYELLENMESSMER 


IF  AN  employee  walked  into  work  one 
day  clutching  his  shiny  new  iPhone,  iPad, 
Android  or  other  mobile  smartphone  or 
tablet,  wanting  to  use  it  for  official  corpo¬ 
rate  business,  would  you  say  yes? 

Plenty  of  IT  managers  are  hearing  that 
question  these  days,  aware  that  it  gives 
rise  to  security  and  management  concerns. 
Should  the  employee-owned  smartphone 
or  tablet  be  managed  or  secured  exactly  as 
a  corporate-issued  mobile  device  might 
be?  Can  the  employee  and  business  data  be 
separated  somehow?  Or  should  the  whole 
“bring  your  own  device”  (BYOD)  phenom¬ 
enon  be  rejected  as  too  much  of  a  security 
risk  and  management  ordeal? 

Former  White  House  cybersecurity 


adviser  Richard  Clarke,  now  partner  at 
the  firm  Good  Harbor  Consulting,  says 
employee-owned  devices  used  for  work 
may  well  “represent  the  newest  and  largest 
vulnerability  in  corporate  America  now.” 

Employees  are  insisting  they  have  these 
devices,  and  CIOs  are  giving  in.  But  “the 
corporation  has  a  responsibility  to  its 
shareholders  to  ensure  that  everything  that 
is  allowed  there  is  secured,”  Clarke  says. 
That  means  ensuring  that  any  app  running 
on  that  device  is  secure,  he  says.  Anything 
less  is  unacceptable. 

The  U.S.  government  itself  is  not  rushing 
into  the  BYOD  craze,  according  to  Deborah 
Gallagher,  acting  director  of  the  identity 
management  division  at  the  General  Ser¬ 
vices  Administration  (GSA).  She  fielded 
►  See  BYOD, page  12 
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Are  you  ready  for  networking  in  the  cloud? 

The  next  wave  in  cloud  computing  is  traditional  IT  infrastructure  services 


BY  JIM  METZLER 

THE  TWO  primary  forms  of  public  cloud 
computing,  Infrastructure-as-a-Service  (IaaS) 
and  Software-as-a-Service  (SaaS),  are  both 
growing  dramatically  in  popularity.  Over  the 
last  few  years,  the  primary  focus  of  the  IaaS 
providers  has  been  on  offering  the  basic  com¬ 
pute  and  storage  resources  required  to  run 
applications. 

The  primary  focus  of  SaaS  providers  has 
been  on  offering  enterprise  applications  such 
as  CRM  and  ERP,  as  well  as  on  offering  com¬ 
munications  and  collaboration  solutions. 

Recently,  cloud  service  providers  have 
begun  offering  a  new  class  of  solutions,  which 
have  historically  been  provided  by  the  IT  infra¬ 
structure  group.  In  addition  to  the  communi¬ 
cations  and  collaboration,  this  includes  net¬ 
work  and  application  optimization,  security, 


management  and  virtualized  desktops. 

We’re  calling  this  new  class  of  solutions 
Cloud  Networking  Services  (CNS).  The  intro¬ 
duction  of  CNS  presents  the  IT  infrastructure 
group  with  a  new  challenge.  That  challenge 
is  to  determine  which  of  the  traditional  IT 
services  it  should  continue  to  provide  itself, 
which  ones  it  should  acquire  from  a  CNS 
provider  and  which  should  be  provided  as  a 
hybrid  solution. 

CNS  as  infrastructure  solutions 

One  could  argue  that  at  least  some  CNS  solu¬ 
tions  fall  into  the  SaaS  category  and  that  some 
others  are  IaaS.  While  technology  is  one  way 
to  classify  CNS  solutions,  a  more  compelling 
way  is  to  look  at  how  the  typical  IT  organiza¬ 
tion  is  structured. 

Most  IT  organizations  have  an  applica¬ 
tions  organization  whose  primary  role  is  to 


develop,  acquire  and  maintain  enterprise 
applications  such  as  CRM,  ERP  and  supply 
chain  management. 

Most  IT  organizations  also  have  an  infra¬ 
structure  organization  whose  primary  role  is 
to  provide,  manage,  secure  and  optimize  the 
networks  and  servers  that  support  these  apps. 

In  almost  all  cases,  services  such  as  voice, 
collaboration,  disaster  recovery,  management, 
security,  optimization  and  virtual  desktops 
are  provided  by  the  infrastructure  organiza¬ 
tion  —  not  the  applications  organization. 

Based  on  the  way  that  IT  organizations  are 
typically  structured,  CNS  solutions  should 
be  considered  to  be  the  next  wave  of  IaaS 
solutions. 

Evaluating  CNS  solutions 

As  part  of  evaluating  these  solutions,  IT 

►  See  Networking, page  18 


►  BYOD,  from  page  11 

questions  on  this  at  the  recent  Biometrics 
Consortium  Conference. 

Concerns  about  employee-owned  devices 
include,  “How  do  we  make  sure  the  device  is 
the  one  we  want  on  the  network,  and  the  per¬ 
son  is  who  they  say  they  are,  and  it’s  secure?” 
said  Gallagher.  “We’re  not  sure  yet.” 

GSA  is  thinking  about  the  BYOD  question 
but  wants  to  achieve  the  same  levels  of  security 
required  for  government-issued  computers. 
“We  don’t  want  to  throw  out  what  we’ve  done 
already,”  she  said,  alluding  to  the  enormous 
public-key  certificate  management  infra¬ 
structure  the  government  has  fostered  over 
the  years.  The  government  might  consider 
using  digital  certificates  on  the  new  variety  of 
smartphones. 

Chad  Plemons,  vice  president  of  IT  at 
Knoxville,  Tenn.-based  Edfinancial  Services, 
involved  in  student  loans,  says  BYOD  is  not  an 
option  at  all  because  contractual  obligations 
with  the  Federal  Student  Aid  division  of  the 
U.S.  Department  of  Education  require  Edfi¬ 
nancial  to  use  only  company-owned  devices. 

But  in  the  private  sector,  many  companies 
are  moving  forward  with  BYOD. 

Jon  Martin,  vice  president  of  IT  at  Digirad,  a 
maker  of  cameras  used  for  medical  purposes, 
said  his  firm  is  allowing  employee-owned 
iPhones  and  iPads. 

“What  we’ve  done  is  move  from  the  company 
owning  the  device  to  the  individual  owning 


the  device,”  Martin  says,  noting  there’s  a  for¬ 
mal  procedure  for  that  with  a  subsidy  to  the 
employee. 

There  are  limits,  though. 

“We’re  only  trying  to  support  email,”  he  says. 
“And  the  users  can’t  contact  us  for  advice.  We 
say,  check  with  your  provider,”  such  as  the 
wireless  services  provider,  when  the  devices 
don’t  work  well.  However,  there’s  a  dual-man¬ 
agement  arrangement  where  Digirad’s  cloud 
provider  for  Microsoft  Exchange  services, 
CenterBeam,  with  its  CenterBeam  365+  ser¬ 
vice,  does  manage  the  email  connectivity  for 
the  employee-owned  device  used  at  work. 

Verisign  Chief  Security  Officer  Danny 
McPherson  says  his  company  allows 
employee-owned  devices  for  use  at  work  — 
under  some  conditions,  noting  it’s  been  some¬ 
what  of  a  “struggle”  to  evolve  a  policy. 

“It’s  a  subjective  consideration  based  on  the 
group  the  individual  is  in,”  McPherson  says. 
He  says  certain  security  software  has  to  be 
run  on  employee-owned  devices,  as  it  might 
be  on  corporate-issued  devices.  Even  then, 
“personal  devices  used  for  work  are  not  given 
ubiquitous  access.” 

“Management  of  employee-owned  devices 
is  tricky  because  it  is  much  more  difficult  to 
maintain  standardization  on  these  devices 
and  to  install  software  and  agents  designed  to 
lock  them  down,”  says  Steve  Brasen,  manag¬ 
ing  research  director,  systems  management, 
at  consultancy  Enterprise  Management 
Associates.  ■ 


►  Fabric,  from  page  11 

deployment  of  systems. 

Juniper's  QFabric  seeks  to  flatten  and  sim¬ 
plify  data  center  networks  to  accommodate 
growth  of  devices  and  applications,  virtual¬ 
ized  servers  and  storage,  and  cloud-enabled 
on-demand  access  to  virtualized  pools  of  IT 
resources.  With  QFabric,  switches  and  rout¬ 
ers  that  make  up  a  data  center  network  or 
interconnected  data  center  networks  behave 
as  one  logical  switch  or  router,  meaning  appli¬ 
cations  are  no  more  than  a  hop  away  from 
requester  and  server. 

The  QFabric  network,  in  Juniper’s  view,  is  a 
single-tier  construct  that  eliminates  two  of  the 
three  layers  —  access,  aggregation  and  core  — 
of  the  data  center  network. 

Meanwhile,  HP  and  Enterasys  have 
unveiled  switching  fabrics  that  stretch  across 
the  enterprise,  from  the  data  center  to  the  cam¬ 
pus  and  out  to  the  branch  office.  Avaya  has  its 
VENA  blueprint,  which  is  based  on  Shortest 
Path  Bridging;  and  Alcatel-Lucent  has  its 
Application  Fluent  Network  approach. 

Is  there  any  right  one? 

“Who’s  best  depends  on  the  problem  you’re 
trying  to  solve,”  says  Zeus  Kerravala,  princi¬ 
pal  analyst  at  ZK  Research.  “If  you’re  focused 
on  the  data  center  and  storage  convergence;  if 
you  want  to  leverage  an  existing  infrastruc¬ 
ture;  if  you  want  to  do  something  radical  and 
off  the  wall.  They  are  all  coming  at  it  from  dif¬ 
ferent  points  of  strength.”  ■ 
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U.S.  energy  agency  demos  blazingly  fast  network 

DoE’s  new  100G  backbone  is  one  of  the  world’s  fastest  edge  networks 


BY  CAROLYN  DUFFY  MARSAN 

THE  U.S.  Department  of  Energy  will  debut 
this  month  one  of  the  fastest  networks  ever 
built:  a  lOOGbps  Ethernet  network  that  will 
enable  researchers  to  create  more  complex, 
real-world  simulations  in  climate  change, 
particle  physics,  astronomy  and  other  scien¬ 
tific  fields. 

DoE  is  demonstrating  its  100G  upgrade 
to  the  Energy  Sciences  Network  (ESnet)  at  a 
conference  in  Seattle  from  Nov.  12-18.  Previ¬ 
ously,  ESnet  provided  lOGbps  links. 

“Since  1990,  our  traffic  has  grown  by  a 
factor  of  10  every  47  months  on  average,” 
explained  Steve  Cotter,  ESnet  department 
head.  “We  are  in  the  age  of  observation  right 
now  in  science.  All  of  these  scientific  instru¬ 
ments  and  experiments  are  collecting  sig¬ 
nificantly  more  data  than  they  ever  have  in 
the  past.  This  data  needs  to  be  stored . . .  and 
moved  around.  We’ve  been  using  this  10  Giga¬ 
bit  network . . .  but  we  knew  that  if  we  didn’t 
start  planning  now  for  a  100  Gigabit  network, 
the  demand  would  overwhelm  us.” 

The  100G  ESnet  upgrade  was  funded 
through  the  Obama  administration’s  eco¬ 
nomic  stimulus  package  in  February  2009. 


“We  received  stimulus  funds  to  build  this 
100G  network  with  the  intention  of  doing  two 
things.  One  was  accelerating  the  deployment 
of  100G  so  that  the  equipment  manufactur¬ 
ers  didn’t  shelve  the  technology  on  fears  that 
there  wouldn’t  be  demand _ The  other  rea¬ 

son  they  gave  us  the  money  was  to  build  a 
next-generation  network  test  bed  and  to  fund 
network  research,”  Cotter  said. 

Costing  an  estimated  $62  million,  the 
100G  network  will  link  three  DoE  research 
centers:  Lawrence  Berkeley  National  Labo¬ 
ratory  in  California,  Argonne  National  Lab  ¬ 
oratory  in  Illinois  and  Oak  Ridge  National 
Laboratory  in  Tennessee.  It  also  will  connect 
with  a  key  Internet  exchange  point  in  New 
York  for  connecting  to  research  networks 
overseas. 

The  100G  network  is  being  built  using 
dark  fiber  from  Level  3  Communications, 
high-speed  services  through  the  Internet2 
research  consortium  and  routers  from  LGS 
Innovations,  the  federal  sales  arm  of  Alcatel- 
Lucent.  The  systems  integrator  on  the  deal  is 
a  small,  minority-owned  business  called  Syn¬ 
chronized  Networking  Solutions  in  Penrose, 
Colo. 

LGS  Innovations  is  providing  14  Alcatel- 


Lucent  7750  Service  Routers.  Juniper  was  the 
incumbent  router  provider  for  ESnet.  Ciena  is 
involved  in  ESnet  through  a  deal  in  which  it 
is  provides  an  8.8  terabit  optical  platform  for 
the  transport  layer. 

Steve  Gilke,  who  handles  technical  sales  for 
LGS  Innovations,  said  the  ESnet  upgrade  is 
one  of  the  first  networks  to  handle  100G  at  the 
edge.  “Nobody  has  done  that  before,”  he  added. 
“They’ve  run  100G  on  the  National  Lambda 
Rail  backbone,  but  they’ve  never  approached 
that  speed  in  Ethernet  at  the  edge.” 

Winning  the  ESnet  upgrade  is  significant 
for  LGS  Innovations,  which  is  marketing  its 
100G  routers  and  hinting  at  400G  within  the 
next  few  years. 

“This  [deal]  is  cutting-edge  technology, 
it’s  a  client  on  the  leading  edge,  and  it’s  one  of 
Alcatel-Lucent’s  newest  and  greatest  prod¬ 
ucts,”  said  Robert  Farr,  chief  marketing  offi¬ 
cer  for  LGS  Innovations. 

Measuring  energy  used 

One  unique  aspect  of  the  100G  ESnet  back¬ 
bone  is  that  instrumentation  will  be  deployed 
to  measure  how  much  energy  the  network 
itself  uses  across  its  12,924  miles  of  dark 
fiber. 

“We  are  going  to  instrument  the  network 
for  energy  consumption  measurements,”  Cot¬ 
ter  said.  “We  believe  we  are  the  first  network  at 
this  scale  to  collect  that  information  and  make 
it  available  to  researchers  so  we  can  begin  to 
look  at  the  energy  consumption  of  networks. 
There’s  been  a  lot  of  effort  into  making  data 
centers  more  energy  efficient  but  very  little 
has  been  done  to  look  at  the  networks  that 
connect  data  centers. . . .  Maybe  we’ll  be  able  to 
provide  dynamic  routing  based  on  the  source 
of  energy  and  how  green  it  is.” 

Cotter  said  the  financial  industry  has 
deployed  100G  on  a  smaller  scale  and  that 
content  providers  such  as  Facebook  and 
Google  are  evaluating  it.  He  believes  the  ESnet 
upgrade  helped  motivate  router  manufactur¬ 
ers  to  bring  100G  products  to  market. 

“100GE  is  not  really  revolutionary.  I  look 
at  it  as  evolutionary,”  Cotter  said.  “Science 
is  hinging  on  the  ability  to  analyze  the  data. 
If  we  can  make  it  easier  to  move  that  data  to 
the  supercomputers  where  it  can  be  ana¬ 
lyzed,  we’re  hoping  to  speed  up  the  cycle  of 
scientific  discovery.  That,  in  turn,  will  lead  to 
a  better  understanding  of  the  origins  of  the 
universe  or  accelerate  advances  in  medicine 
or  healthcare.”  ■ 


DOE’s  Energy  Sciences  Network 

The  $62  million  ESnet  upgrade  will  boast  lOOGbps 
Ethernet  links,  up  from  lOGbps,  to  support  increasingly 
complex  scientific  experiments  and  research  online. 


lOOGbps  Ethernet 
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►  Microsoft ,  from  page  1 

software  at  IDC,  says,  “Windows  Phone  is  on 
the  right  track  and  the  latest  upgrade  closes 
the  gap  significantly  and  begins  to  differenti¬ 
ate  [from  iOS  and  Android.  Microsoft  has]  to 
get  the  strategy  and  ecosystem  right,  and  the 
market  shares  will  follow.” 

Yet  plenty  of  obstacles  remain,  and  no  one, 
apparently  including  Microsoft,  expects 
Windows  Phone  to  leap  over  Google  Android 
and  Apple  iOS  in  a  single  bound. 

“The  biggest  problem  is  the  name  and  the 
marketing,”  Dulaney  says.  “Windows  Phone 
7  is  not  a  name  that  will  appeal  to  the  25-year- 
old  set.  Microsoft  thinks  that 
everyone  knows  Windows.  What 
they’re  forgetting  to  investigate 
is  what  people  emotionally  feel 
about  it.” 

Microsoft’s  market  structure 
—  an  operating  system  provider 
working  with  and  through  phone 
manufacturers  and  carriers  — 
imposes  constraints  also,  says 
mobile  watcher  Horace  Dediu, 
founder  of  the  Asymco  blog  and 
a  former  Nokia  business  develop¬ 
ment  manager. 

In  a  recent  blog  post,  he  noted 
that  Microsoft’s  “dependence  on 
a  complex  value  network  means 
that  products  do  not  reach  users 
quickly  enough  and  when  they  do, 
the  marketing  message  is  weak, 
even  when  backed  by  large  bud¬ 
gets.  The  real  problem  with  Micro¬ 
soft’s  approach  is  that  it’s  neither 
viral  like  Android  (because  it  has 
a  price  and  a  contract  associated 
with  it)  nor  is  it  focused  and  agile 
like  Apple’s.  It  seems  to  suffer  from 
the  worst  aspects  of  modularity 
(market  lag)  without  benefiting 
from  the  control  over  the  ecosystem  and  end 
user  experience  that  differentiates  it.” 

There  are  indications  that  the  lag  and  lack 
of  agility  may  be  changing.  Nokia  recently 
introduced  its  first  two  Windows  Phone 
products  nine  months  after  announcing  its 
partnership  with  Microsoft.  It’s  already  dis¬ 
tributing  the  Windows  Phones  in  Europe 
and  some  Asian  markets,  and  plans  to  bring 
a  “new  portfolio”  of  phones  to  the  U.S.,  a  tra¬ 
ditionally  weak  market  for  the  company,  in 
early  2012,  while  expanding  into  other  Asian 
markets,  and  to  China  later  that  year. 

The  pace  of  Windows  Phone  hardware 
innovation  may  be  shifting  into  higher  gear. 
Nokia,  for  example,  announced  Nov.  2  it  will 
use  ST- Ericsson’s  dual-core  NovaThor  chips 


in  future  Windows  Phones.  The  entry-level 
U5500  chip,  running  at  800MHz,  supports 
HSPA+,  handles  a  12-megapixel  camera, 
and  records  720p  video.  According  to  ST- 
Ericsson,  the  cost-effective  U5500  can  power 
smartphones  priced  at  less  than  $200  before 
carrier  subsidies.  By  contrast,  Nokia’s  new 
Lumia  710  and  800  Windows  Phone  mod¬ 
els  cost  about  $373  and  $580,  respectively.  In 
the  past,  Nokia  has  said  it  will  release  lower- 
priced  Windows  Phone  handsets  aimed  at 
developing  markets. 

New  Windows  Phone  7.5  handsets  intro¬ 
duced  by  Samsung  and  HTC  have  been  getting 
generally  favorable  reviews  (and  at  least  one 


of  the  phones  being  introduced  this  Monday 
appears  to  be  a  Samsung  model  as  well).  The 
HTC  Radar,  released  last  week  by  T-Mobile 
for  $100  with  a  two-year  contract,  is  a  good 
example.  Though  not  designed  as  a  high-end 
phone,  it  shows  a  new  awareness  of  the  rela¬ 
tionship  between  styling,  performance  and 
price  for  Microsoft’s  mobile  platform. 

Initially  skeptical  reviewers  praised  the 
Radar’s  sculpted  heft  and  solidity  of  the 
mainly  aluminum  body.  And  despite  using 
‘only”  a  single-core  1GHz  Qualcomm  proces¬ 
sor,  reviewers  praised  the  smooth,  fluid  UI 
and  app  performance,  and  the  way  Microsoft 
has  integrated  online  social  networks  seam¬ 
lessly  with  the  phone’s  apps  and  services. 

At  Monday’s  event,  it’s  possible  that  some 


of  Microsoft’s  newest  manufacturing  part¬ 
ners  such  as  Lenovo  and  ZTE  may  unveil 
their  first  phones  for  the  OS. 

Gartner’s  latest  projections  for  2011  sug¬ 
gest  that  Windows  Phone  may  have  been 
popular  enough  to  stop  the  declining  unit 
sales  of  Microsoft-powered  smartphones.  In 
2010,  worldwide  sales  to  end  users  of  Win¬ 
dows  mobile  devices,  counting  both  Win¬ 
dows  Phone  and  mainly  the  older  Windows 
Mobile  firmware,  totaled  12.4  million  units, 
according  to  Gartner.  For  2011,  the  market 
watcher  now  projects  12.8  million.  Because 
the  smartphone  market  as  a  whole  has  soared, 
Microsoft’s  market  share  dropped  this  year  to 
2.7%  compared  to  4.2%  in  2010. 

But  next  year,  Gartner  thinks 
Windows  Phone  devices  could 
come  close  to  64  million  units, 
a  growth  rate  of  nearly  400%. 
That’s  roughly  equal  to  Gartner’s 
forecast  for  RIM’s  BlackBerry 
smartphones,  but  of  course  far 
less  than  projected  iOS  device 
sales,  at  more  than  128  million, 
and  Android  units  of  more  than 
300  million. 

The  NPD  Group’s  Connected 
Intelligence  survey,  mentioned 
above,  found  that  45%  of  con¬ 
sumers  simply  are  unaware  of 
Windows  Phone.  Similarly,  of  the 
50%  of  consumers  planning  to 
buy  a  smartphone  in  the  next  six 
months  and  who  are  uninterested 
in  Windows  Phone  7,  the  most 
popular  reason  given,  by  46%  of 
this  subgroup,  was  “don’t  really 
know  enough  about  it.” 

Microsoft  CEO  Steve  Ballmer 
seems  well  aware  of  that  lack  of 
awareness.  At  the  company’s 
annual  meeting  with  financial 
analysts,  he  said:  “We  haven’t 
sold  quite  as  many  probably  as  I  would  have 
hoped  we  would  have  sold  in  the  first  year,” 
and,  “There’s  just  more  work  for  us  to  do 
as  we  move  forward  to  establish  Windows 
Phone  in  the  market.” 

Part  of  that  work  is  spending  more  money 
to  help  handset  makers  and  carriers  to  pro¬ 
mote  Windows  Phone  handsets,  with  incen¬ 
tives  to  retail  sales  staff  and  more  in-store 
promotions;  and  convincing  these  partners 
to  also  spend  more. 

“Many  consumers  will  find  that  there  is  a 
need  for  Apple-style  ease  of  use  and  platform 
consistency  but  with  an  Android-style  range 
of  devices,  prices  and  form  factors,”  says 
IDC’s  Hilwa.  “This  is  the  sweet  spot  Windows 
Phone  is  trying  to  hit.”  ■ 


Windows  Phone 
poised  for  big  growth  in 
smartphone  market 

Worldwide  sales  of  mobile  devices* 
to  end  users  by  operating  system 
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►  Networking,  from  page  12 

organizations  need  to  determine  if  the  solu¬ 
tion  has  eliminated,  or  at  least  minimized,  the 
negative  aspects  of  a  public  cloud  solution. 

Concerns  about  security  are  the  primary 
impediment  to  the  adoption  of  public  cloud. 
Thus,  evaluating  the  security  of  the  CNS 
provider’s  facilities  is  a  critical  component  of 
evaluating  a  CNS  solution. 

As  part  of  that  evaluation,  IT  organiza¬ 
tions  need  to  determine  whether  the  cloud 
provider’s  implementation  of  a  multi-tenant 
environment  has  compromised  security.  For 
example,  IT  organizations  need  to  determine 
if  the  service  provider  can  enable  the  IT  orga¬ 
nization  to  maintain  compliance  with  the 
necessary  corporate  and  regulatory  stan¬ 
dards  while  still  leveraging  the  shared  infra¬ 
structure  model’s  cost  benefits  and  improved 
operational  efficiency. 

However,  just  as  important  is  whether  the 
solution  actually  provides  the  benefits  that 
drive  IT  organizations  to  use  public  cloud 
computing  solutions.  The  primary  benefit  of 
using  a  public  cloud  computing  solution  is 
lower  cost. 

The  cost  information  provided  by  the  ser¬ 
vice  provider  should  give  the  IT  organiza¬ 
tion  all  the  information  it  needs  to  determine 
whether  or  not  the  CNS  provides  a  compel¬ 
ling  cost  advantage. 

The  second  most  important  benefit  is  being 
able  to  reduce  the  time  it  takes  to  deploy  new 
functionality.  One  way  for  an  IT  organiza¬ 
tion  to  evaluate  the  agility  of  a  cloud  service 
provider  is  to  identify  the  degree  to  which  the 
vendor  has  virtualized  their  entire  data  cen¬ 
ter  infrastructure. 

For  example,  have  they  implemented  vir¬ 
tual  networking  functionality  such  as  that 
provided  by  Vyatta?  Virtualization  is  impor¬ 
tant  because  a  virtual  infrastructure  is  nota¬ 
bly  easier  to  initialize,  scale  and  migrate  than 
a  physical  infrastructure  is. 

Representative  solutions 

IT  organizations  have  expressed  more  inter¬ 
est  in  VoIP  and  unified  communications  than 
they  have  in  any  other  form  of  CNS,  accord¬ 
ing  to  our  research.  For  example,  Fonality  is  a 
company  that  is  focused  on  small  to  midsized 
businesses  and  has  already  delivered  more 
than  2  billion  phone  calls  across  the  cloud. 

While  having  numerous  providers  can 
result  in  benefits  to  consumers,  it  also  creates 
some  challenges.  These  challenges  include 
the  fact  that  providers  tend  to  use  different 
names  for  their  services,  have  notably  dif¬ 
ferent  business  models  and  offer  a  very  wide 
range  of  functionality  -  everything  from  basic 


telephony  to  call  center  support  to  HD  voice. 

The  primary  role  of  a  CNS  that  offers 
network  and  application  optimization  is  to 
provide  functionality  similar  to  what  is  pro¬ 
vided  by  premise  based  WAN  optimization 
controllers.  Virtela  is  an  example  of  a  CNS 
provider  that  offers  optimization  as  well 
as  other  services,  including  security  and 
management. 

There  are  three  distinct  use  cases  for  this 
class  of  CNS.  As  with  any  CNS,  one  use  case 
is  that  the  CNS  provides  all  of  the  promised 
benefits  of  public  cloud  computing.  The  sec¬ 
ond  use  case  is  that  the  utilization  of  this  class 
of  CNS  enables  an  IT  organization  to  optimize 
the  performance  of  applications  delivered  to 
mobile  users  without  having  to  deploy  soft¬ 
ware  on  each  mobile  device.  The  third  use  case 
is  that  this  class  of  CNS  enables  an  IT  organi¬ 
zation  to  optimize  the  performance  of  other 
services  obtained  from  a  service  provider, 
such  as  VoIP  or  desktop  virtualization. 

IBM’s  recent  X-Force  2010  Trend  and  Risk 
Report  documents  a  27%  increase  in  security 
vulnerabilities  in  2010  vs.  2009  and  stated 
that  “Web  applications  accounted  for  nearly 
half  of  vulnerabilities  disclosed  in  2010.” 

Given  the  risks  associated  with  Web  based 
applications,  a  key  focus  area  for  a  security 
oriented  CNS  is  to  provide  sophisticated  Web 
content  filtering  and  granular  policy  control 
that  leverage  dynamic  rating  algorithms  and 
can  accurately  identify  and  categorize  web 
content  in  real  time. 

Another  important  security  concern  is  the 
rapid  growth  of  malware.  For  example,  a  recent 
report  from  Cisco  identified  almost  290,000 
unique  instances  of  malware  on  the  Web  in 
June  2011.  That’s  almost  triple  the  number  of 
unique  instances  of  malware  that  Cisco  found 
on  the  Web  in  March  2011  (105,536). 

To  protect  against  malware,  a  CNS  should 
be  able  to  identify  sites  or  content  that  are 
either  suspicious  or  are  known  to  distribute 
malware.  In  order  to  be  effective,  a  CNS  that 
provides  Web  content  filtering  or  malware 
protection  needs  a  source  of  intellectual  capi¬ 
tal,  such  as  Blue  Coat’s  WebPulse  service, 
that  identifies  known  and  suspected  vulner¬ 
abilities.  Ideally  the  CNS  also  offers  compre¬ 
hensive  anti-virus  scanning  for  additional 
protection  from  any  form  of  malware  that  is 
contained  in  file  attachments. 

Because  of  the  breadth  of  what  is  meant  by 
network  management,  it  is  possible  to  find 
management-focused  CNSs  that  provide  a 
wide  range  of  functionality.  For  example, 
Virtela  manages  security  products  such  as 
IPSs  and  firewalls.  Meraki  manages  basic 
networking  functionality,  such  as  routers. 
When  evaluating  any  of  these  solutions,  IT 
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organizations  need  to  determine  how  wide 
a  range  of  vendor’s  products  the  solution  can 
manage  and  how  much  expertise  the  vendor 
has  with  those  products. 

According  to  the  IBM  report,  most  IT  pro¬ 
fessionals  view  the  data  stored  on  mobile 
devices  and  how  that  data  can  be  misused  or 
lost  as  a  serious  security  threat. 

That  view  creates  a  marketplace  opportu¬ 
nity  for  a  CNS,  such  as  the  one  provided  by 
Virtela,  that  provides  mobile  device  manage¬ 
ment.  The  need  for  such  a  service  is  reinforced 
by  a  recent  report  that  concluded  that  many 
IT  organizations  are  struggling  to  support  the 
growth  in  mobile  employees. 

In  contrast  to  popular  types  of  cloud-based 
functionality  such  as  VoIP,  security  and  man¬ 
agement,  desktop  virtualization  is  a  topic 
that  has  received  a  lot  of  attention  in  the  trade 
press,  but  has  not  been  widely  implemented. 

Our  market  research  data  indicates  that 
there  is  not  much  interest  in  a  CNS,  such  as 
the  one  provided  by  Dell ,  that  offers  desktop 
virtualization  functionality.  However,  that 
could  change  over  time. 

Summary 

Over  the  last  few  years,  IT  organizations  have 
begun  to  broadly  adopt  SaaS  and  IaaS  solu¬ 
tions  and  numerous  market  research  reports 
indicate  that  the  adoption  of  these  solutions 
will  increase  significantly  over  the  foresee¬ 
able  future.  However,  with  the  exception  of 
communications  and  collaboration,  to  date 
the  SaaS  solutions  that  have  been  adopted 
have  largely  been  enterprise  business  appli¬ 
cations  such  as  CRM  or  ERP  and  the  IaaS 
solutions  that  have  been  adopted  have  been 
basic  compute  and  storage. 

The  research  contained  in  our  report  indi¬ 
cates  that  the  market  is  potentially  approach¬ 
ing  a  fundamental  shift  in  terms  of  how  IT 
services  are  provided.  The  research  indicates 
that  IT  organizations  have  a  strong  interest  in 
obtaining  many  traditional  IT  services  from  a 
cloud  vendor.  ■ 
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Maximizing  Your  IT  Resources 

Network  Service  Automation  Rightsizes  IT  Staff 
and  Delivers  “Time  to  Value” 


What  is  the  biggest  challenge  you  see 
driving  IT  departments  these  days? 

Our  customers  and  business  partners  say 
complexity  is  on  the  rise,  which  is  putting 
more  demands  on  IT  to  respond  faster  to  busi¬ 
ness  changes.  However,  because  their  budgets 
and  staff  are  constrained,  most  companies 
cannot  move  quickly.  They  need  help  with 
scaling  in  an  environment  in  which  technol¬ 
ogy  is  moving  faster  than  IT  talent.  We  think 
new  solutions  that  help  manage  the  growing 
chaos  surrounding  IP  initiatives  will  help  in¬ 
crease  network  availability  by  reducing  errors 
or  delays  in  rolling  out  new  services. 

What  is  the  impact  of  virtualization 
on  network  staff? 

Virtualization  breaks  the  traditional  “one 
server,  one  application”  architecture,  and 
that  creates  new  management  challenges.  For 
example,  troubleshooting  and  seeing  which 
virtual  machine  is  connected  to  which  port 
have  become  more  difficult.  Businesses  need 
new  discovery  and  visualization  tools  that  au¬ 
tomatically  collect  configuration  information 
and  automate  repetitive  and  high-response- 
rate  chores  such  as  assigning  IP  addresses 
and  server  names  in  a  virtual  environment. 
The  task  of  issuing  IP  addresses  and  names 
for  virtual  machines  should  happen  just  as 
fast  as  a  virtual  machine  can  be  provisioned. 
The  network  team  in  a  virtualized  environ¬ 
ment  must  be  as  dynamic  as  the  server  team’s 
ability  to  provision  new  systems.  This  type 
of  automation  is  a  critical  part  of  any  private 
cloud  strategy. 

How  does  the  influx  of  new  mobile  con¬ 
sumer  devices  correlate  with  the  need  for 
more  network  automation? 

IT  managers  are  often  not  informed  when  new 
mobile  devices  come  into  the  company.  Em¬ 
ployees  bring  them  to  work,  or  business  units 
buy  new  systems  because  they  do  not  want  to 
wait  for  funds  to  be  allocated  to  fulfill  a  critical 
business  need.  The  IT  department  needs  to 
know  what  is  being  attached  to  the  enterprise 


network,  because  the  impact  of  these  devices 
can  be  significant.  This  shift  to  a  more  mobile 
and  dynamic  computing  environment  puts 
a  strain  on  mission-critical  network  services 
such  as  Domain  Name  Service  (DNS).  As  a 
result,  IT  needs  simple-to-use,  intuitive  tools 
that  monitor  network  activity  while  proactive¬ 
ly  managing  and  securing  connections  from  a 
single  central  console. 

How  does  the  movement  to  IPv6  affect 
network  staff? 

The  migration  has  already  begun.  T-Mobile 
is  delivering  IPv6  support  in  its  phones,  and 
these  new  IPv6  devices  still  need  to  connect  to 
IPv4  networks.  In  the  past,  address  manage¬ 
ment  was  done  on  spreadsheets,  but  128-bit- 
IPv6  addressing  brings  an  entire  new  set  of 
challenges.  When  you  add  virtualization  and 
cloud  to  this  challenge,  managing  IP  addresses 
with  just  a  spreadsheet  becomes  impossible.  IT 
teams  will  need  automated  network  services. 

Where  should  a  company  start  and  how 
can  you  gauge  success? 

Automation  is  a  new  “big  idea.”  To  some, 
it  means  ripping  and  replacing— or  mak¬ 
ing  significant  investments  in  professional 
services  and/or  integration  work.  At  Infoblox, 
we  strive  to  make  automation  compelling  by 
demonstrating  that  we  can  make  adoption 
simple.  By  using  automation,  companies  can 
reduce  a  40-step  process  to  a  few  clicks  of  a 
mouse.  As  a  result,  companies  can  make  huge 
productivity  gains  and  save  money— many  of 
our  customers  see  an  immediate  increase  in 
network  availability  and  savings  of  millions  of 
dollars  annually  by  embracing  automation. 

Once  companies  see  such  results,  they  can 
expand  their  use  of  these  tools  and  dramati¬ 
cally  increase  IT  staff  productivity.  Infoblox’s 
heritage  is  in  automating  network  services 
such  as  DNS  and  IP  address  management.  We 
anticipate  that  both  automation  and  next-gen¬ 
eration  network  services  will  be  key  elements 
powering  the  next  10  years  of  IT. 
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Virtualization  is  key  to  public-cloud  security 

Xen  expert  says  virtual  machine  managers  can  help  reduce  risk 


When  we  look  back  in  five 
■I  years  we  will  actually  figure 
out  that  the  core  value  of  hardware 
virtualization  is  security. 

SIMON  CROSBY,  FOUNDER,  BROMIUM 


BYTIM  GREENE 

WHILE  CONVENTIONAL  wisdom  says 
virtualized  environments  and  public  clouds 
create  massive  security  headaches,  the  godfa¬ 
ther  of  Xen,  Simon  Crosby,  says  virtualization 
actually  holds  a  key  to  better  security. 

Isolation  —  the  ability  to  restrict  what 
computing  goes  on  in  a  given  context  —  is  a 
fundamental  characteristic  of  virtualization 
that  can  be  exploited  to  improve  trustworthi¬ 
ness  of  processes  on  a  physical  system  even  if 
other  processes  have  been  compromised,  says 
Crosby,  a  creator  of  the  open  source  hyper¬ 
visor  and  a  founder  of  startup  Bromium, 
which  is  looking  to  use  Xen  features  to  boost 
security. 

If  the  virtual  machine  manager  (hypervi¬ 
sor)  can  help  isolate  functions  carried  out  on 
a  system  and  thereby  reduce  the  risk  that  an 
attack  successful  against  one  function  can 
spread,  that  improves  the  trustworthiness 
of  those  other  processes,  Crosby  says  in  an 
interview  with  Network  World. 

“When  we  look  back  in  five  years  we  will 
actually  figure  out  that  the  core  value  of  hard¬ 
ware  virtualization  is  security,”  Crosby  says. 
“Actually  it’s  better  trust  or  better  isolation, 
and  not  all  of  the  grandiose  cases  we’ve  come 
up  with  for  virtualization  today.  So  that  even 
in  the  cloud  the  primary  use  case  for  virtual¬ 
ization  will,  in  five  years  or  so,  be  security  and 
security  through  isolation.” 

Crosby  was  reluctant  to  detail  how  such  a 
system  would  work  because  it  is  at  the  core  of 
what  Bromium  is  working  on,  and  it  doesn’t 
plan  to  reveal  that  until  next  year.  But  earlier 
this  year  at  the  Xen  Developers  Conference, 
Bromium  co-founder  and  chairman  of  Xen. 
org  Ian  Pratt  offered  some  insight. 

Introspection,  a  feature  of  Xen  that  enables 
virtual  machines  to  be  inspected  by  another 
trusted  VM,  could  help  discover  compro¬ 
mises  within  VMs,  he  says.  Xen  can  isolate 
driver  domains,  which  enhances  security, 
Pratt  says. 

Crosby  says  this  isolation  is  similar  to  what 
XenClient  does  today,  enabling  for  instance  a 
corporate  desktop  and  a  personal  desktop  on 
the  same  machine,  keeping  their  activities 
securely  separate.  A  person’s  possibly  risky 
behavior  with  the  machine  won’t  compro¬ 
mise  the  corporate  functions. 

“The  key  point  I’m  trying  to  make  is  that 
virtualization  technology  in  general  through 
isolation  provides  you  a  different  context  in 


which  to  execute  code  of  different  trust  lev¬ 
els,”  he  says. 

Isolating  processes  more  finely  can  boost 
security  in  public  cloud  environments,  he 
says.  “One  will  be  to  create  a  highly  secure 
cloud  system  which  can  be  used  to  deliver 
multilevel  secure  systems,"  he  says. 

As  an  example  he  points  to  Intel  and  McA¬ 
fee’s  DeepSAFE  technology,  software  that 
sits  between  the  CPU  and  the  operating  sys¬ 
tem  on  a  device,  much  the  way  a  bare-metal 
(Type  1)  hypervisor  does.  Its  direct  link  to 
the  hardware  gives  it  a  trusted  position  and 
a  view  into  events  on  the  machine  beyond 
what  the  operating  system  sees,  according 
to  McAfee. 

“Intel  recently  announced  its  Deep  Safe 
technology  with  McAfee,  a  Type  1  hypervisor 
early  load,  which  has  a  sole  purpose  to  secure 
the  runtime,”  Crosby  says.  “So  you  start  to 
see  the  specific  use  of  virtualization  security 
on  clients.  It  will  eventually  be  the  same  on 
server  systems,  too.  Obviously  you’ve  got 
to  get  the  server  hypervisor  to  learn  new 
things.” 

He  seems  to  suggest  that  linking  hypervi¬ 
sors  to  trusted  platform  modules  (TPM)  that 
are  integrated  within  commodity  processors 
could  yield  security  benefits.  TMP’s  features 
include  storage  of  encryption  keys  as  well  as 
hardware-assisted  encryption,  which  makes 
it  possible  to  encrypt  all  data  a  business 
entrusts  to  a  public  cloud. 

“You  can  encrypt  it  at  wire  speed,  and 
there  is  no  excuse  ever  for  the  cloud  provider 
to  manage  the  key,”  Crosby  says.  “So  what 
should  happen  is  when  you  run  an  applica¬ 
tion  in  the  cloud  you  should  provide  it  with 
the  key  and  only  in  the  context  of  the  running 
application  as  the  data  comes  off  some  stor¬ 
age  service  is  it  decrypted  and  goes  out  re¬ 
encrypted  on  the  fly.  That  way  if  somebody 
compromises  the  cloud  provider’s  interface 
or  if  someone  walks  into  the  cloud  provider 
and  walks  off  with  a  hard  disk,  then  you  are 
OK.” 


By  better  securing  public  clouds,  busi¬ 
nesses  can  take  full  advantage  of  the  reduced 
costs  they  offer.  If  trust  in  public  clouds  can  be 
established,  the  need  for  private  clouds  and 
hybrid  clouds  and  the  capital  costs  they  imply 
will  go  away.  Cloud  computing  will  become 
an  operational  expense. 

Standing  in  the  way  is  fear  that  if  data  is 
compromised  while  in  the  cloud  the  event 
will  be  career-ending  for  those  who  authorize 
it.  Also  blocking  the  way  are  the  demands  of 
regulatory  auditors  that  want  businesses  to 
be  able  to  physically  locate  data.  “[Y]ou  can’t 
really  state  anything  to  a  regulator  in  terms 
of  the  data  if  you  can’t  find  the  hard  disk,”  he 
says.  “So  how  is  the  guy  supposed  to  allow  the 
data  out  of  the  data  center?” 

It  could  be  shown  instead  that  data  is 
secure  within  a  public  cloud,  meeting  regu¬ 
latory  concerns  without  having  to  physically 
locate  the  disk  containing  it,  Crosby  says. 
“They  could  do  it  in  a  heartbeat,”  he  says, 
“if  we  could  actually  secure  the  regulatory 
frameworks  for  it  and  if  we  could  just  get  the 
vendors  to  do  the  obvious  things  in  terms  of 
adopting  security  technologies.” 

Crosby  says  Bromium  has  a  functioning 
version  of  its  product  and  will  announce  it 
within  months.  “We’re  on  early  in  the  new 
year,”  he  says.  “We’re  in  the  stage  where  we’re 
sending  systems  to  potential  early  customers 
for  them  to  kick  around  and  give  us  feedback 
on,”  he  says.  ■ 

IPv6  event 

With  IPv4  addresses  rapidly 
depleting,  transitioning  to  IPv6  is 
necessary.  Attend  Network  World’s 
“The  Critical  Path  to  IPv6”  and 
gain  practical  insights  and  best 
practices  for  getting  started  with 
IPv6,  planning  address  assign¬ 
ments,  avoiding  pitfalls  and  more. 
events/networkworld.com/IPv6 
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Washington,  D.C. 

December  7, 2011 

8:15am  -  4:30pm 
Washington  Convention  Center 

Register  today! 

www.itroadmap.net/201 1  dead 


At  IT  Roadmap  Conference  &  Expo,  you’ll  discover 
everything  you  need  to  know  to  make  informed 
technology  decisions  for  the  year  ahead  -  in  just 
one  day.  And  we’re  coming  to  Washington,  D.C.! 


Through  ROI  workshops,  technical  tutorials, 
strategy  sessions,  roundtable  discussions, 
keynote  addresses,  networking  opportunities 
and  an  interactive  expo  floor,  you’ll  hear  fresh 
perspectives  and  new  technology  insights  from 
the  industry’s  leading  IT  analysts,  top  tech 
practitioners,  and  experienced,  high-profile 
end  users. 

All  new  morning  tracks  include: 

•  The  New  Data  Center 

•  The  Connected  Enterprise 
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Coming  soon 
IT  ROADMAP  2012 

New  York  City 
Chicago 
Denver 

To  learn  more,  visit: 

www.itroadmap.net/201 1  dead 


•  The  Modern  Network 

•  The  Public  &  Private  Cloud 

•  The  Evolving  Threat  Landscape 

Who  Attends: 

•  CIOs  &  VPs 

•  Directors  of  IT 

•  IT  Managers 


For  more  information  about  sponsorship 
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TOOLS 

iPad  improvement:  A  great  keyboard 
and  network  app 

have  written  several  times  about 

my  ongoing  love  affair  with  the  iPad  and, 
surprise,  a  wave  of  iPad-related  products 
has  been  appearing  in  the  Gibbs  Universal 
Secret  Underground  Bunker. 

While  a  number  of  these  are,  well,  meh, 
there  are  a  few  that  are  truly  outstanding. 

One  of  these  winners  is  the  Logitech  Fold-Up  Key¬ 
board  for  iPad. 


Mark  Gibbs’  Gearhead 


While  finger-based  input  works  fine  with 
the  iPad  in  many  situations,  when  you’re 
trying  to  take  notes  in  a  meeting  or  editing 
a  document,  ease-of-use  goes  right  out  the 
window  with  the  on-screen  keyboard  and 
you  long  for  a  real  one.  The  Logitech  Fold-Up 
Keyboard  for  iPad  is  one  of  the  best  solutions 
I’ve  found. 

When  you  first  unpack  the  keyboard  it 
looks  to  be  just  a  tray  into  which  you  slide 
your  iPad  2  (this  product  isn’t  designed 
for  the  original  iPad)  with  cutouts  for  the 
iPad’s  power  and  home  buttons,  the  dock 
connector,  the  volume  rocker  and  the  rota¬ 
tion  lock  switch. 

But  hold  the  iPad  locked  into  the  tray  in 


landscape  mode  with  the  home  button  on  the 
left  and  push  a  button  on  the  top  edge  of  the 
tray  and  gently  lift  as  you  do . . .  and,  voila! 

A  Bluetooth-enabled  keyboard  unfolds, 
origami-like,  from  inside  the  tray! 

This  is  an  incredibly  clever  design  because 
when  folded,  the  entire  package,  iPad  and 
keyboard  is  almost  as  ergonomic  as  the 
“naked”  iPad  (the  keyboard  adds  just  19.1 
ounces  to  the  iPad).  Better  still,  going  from 
pad  to  keyboard  configuration  takes  just  a 
couple  of  seconds  and  you  wind  up  with  a 
full-size  keyboard.  The  design  also  allows 
you  to  use  the  Apple  Magic  Cover. 

When  you  “open”  the  keyboard  it  auto¬ 
matically  connects  to  the  iPad  and  then 
disconnects  when  you 
close  it  and  there  are  no 
batteries!  The  keyboard 
is  rechargeable  using  the 
provided  USB  charging 
cable.  My  only  complaint 
is  that  the  “feel”  of  the  key 
action  is  only  OK  —  the 
keys  are  a  little  stiff  and 
lightweight. 

But  around  an  office 
where  you’re  ducking  in 
and  out  of  meetings,  this 
is  a  terrific  alternative  to 
using  a  separate,  detached 
keyboard.  The  only  detail 
missing  is  a  cutout  for 


the  camera  on  the  back  of  the  iPad  which, 
given  the  way  this  keyboard  folds  up,  is 
understandable. 

Priced  at  $129.99  the  Logitech  Fold-Up 
Keyboard  for  iPad  is  a  little  spendy  but  it  still 
gets  a  rating  of  4.5  out  of  5. 

My  other  outstanding  iPad  delight  this 
week  is  a  simple  but  highly  useful  network 
tool.  Overlook  Fing. 

The  iOS  version  of  Fing  (it  actually  works 
on  all  iDevices)  is  a  descendent  of  Overlook’s 
command  line  network  discovery  tool  of  the 
same  name  created  for  Windows,  OS  X  and 
Linux.  By  the  way,  for  you  Android  users, 
there’s  also  a  version  of  Fing  for  Android  that 
is,  in  effect,  the  iOS  version’s  big  brother  with 
a  lot  more  features. 

What  I  like  about  the  command  line 
version  of  Fing  is  that  it’s  fast,  flexible,  easy 
to  integrate  with  other  applications  (it  even 
outputs  results  in  an  XML  format)  and  you 
can  install  it  as  a  service  under  Windows. 

The  iOS  version  of  Fing  is  slightly  differ¬ 
ent:  It  has  a  GUI  and  a  simpler  goal  —  to  scan 
whatever  Wi-Fi  network  your  iDevice  is 
connected  to.  When  you  launch  Fing  it  lists 
the  devices  it  finds,  their  type,  IP  address, 
vendor  name  and  media  access  control 
address.  The  discovery  list  is  saved  under 
the  access  point’s  SSID  and  you  can  email  the 
findings  directly  from  the  app. 

For  large  networks  there’s  a  search  feature 
so  you  can  restrict  the  list  to  just  the  entries 
that  match  the  search  string.  You  can  also 
view  details  of  the  access  point  (subnet, 
BSSID  and  SSID)  and  the  ISP  (ISP  name,  geo¬ 
location,  external  IP  and  external  IP  name). 

Fing  is  simple,  fast,  very  useful  and  all  ver¬ 
sions  are  free!  And,  wonder  of  wonders,  they 
are  all  also  free  of  ads!  WOOt!  Overlook’s 
Fing  gets  a  rating  of  5  out  of  5!  ■ 

Gibbs  is  in  Ventura,  Calif.  Your  comments  to 
gearhead@gibbs.com. 
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Epson  MegaPlex  lets  you  project 
iPad  content  on  the  big  screen 

Cool  Tools 


Keith  Shaw's 


MegaPlex 

MG-850HD 

projector 

by  Epson,  about  $800 


►  What  it  is:  The  MegaPlex  combines  a  mul¬ 
timedia  projector  with  an  iPod/iPad  docking 
station,  which  lets  users  project  photos,  vid¬ 
eos  and  music  stored  on  their  iPod,  iPhone  or 
iPad  onto  a  larger  screen  (or  wall). 

On  the  projector  side,  the  MG-8SO  sup¬ 
ports  720p  resolution  and  brightness  up  to 
2,800  lumens  (Epson  also  makes  the  $600 
MegaPlex  MG-SO,  which  supports  540p 
resolution  and  up  to  2,200  lumens).  Other 
devices  (including  game  consoles,  DVD  play¬ 
ers  and  PCs)  can  also  connect  to  the  projector, 
as  it  supports  HDMI,  and  VGA  inputs. 

A  USB  port  also  lets  you  connect  an  exter¬ 
nal  hard  drive  or  thumb  drive  to  play  videos 
or  photo  slideshows  through  the  projector. 

A  microphone  input  allows  for  an  exter¬ 
nal  microphone,  so  you  can  do  things  like 
narrate  a  slideshow  or  sing  along  with  your 
music.  Speaking  of  music,  sound  comes 
out  of  the  system  through  two 
built-in  10-watt  stereo 
speakers 


Epson’s  MegaPlex  allows  you 
to  project  content  from  your 
smartphone,  iPod  or  iPad. 


for  travelers  (there’s  a  nice  handle  for  carry¬ 
ing  the  unit,  although  may  be  a  bit  too  large 
for  some  people  who  prefer  to  travel  lightly). 

Some  other  cool  features  to  note:  The 
docking  station  recharges  your  i-device,  and 
if  you  don’t  want  to  use  the  projector,  you  can 
still  use  the  device  as  a  speaker  system  for 
songs  and  displaying  photos  and  movies  on 
the  iPad’s  display. 

►  Some  caveats:  The  on-screen  menu  for 
playing  movies,  TV  shows  and  music  was  a 
bit  primitive,  and  the  system  only  recognized 
content  that  was  synchronized  through 
iTunes.  For  other  content  on  the  device,  we 
had  to  switch  control  back  to  the  i-device  and 
then  try  to  display  it  through  that. 

►  Grade  ★★★★V  (out  of  five). 

Shaw  can  be  reached  at  kshaw@nww.com. 
Follow  him  on  Twitter  (@shawkeith)  or 
Facebook  (facebook.com/shawkeith). 


►  Why  it’s  cool:  The  iPod/iPad  docking 
station  opens  up  additional  possibilities  for 
users  to  project  their  multimedia.  Instead 
of  storing  it  on  a  PC  or  Mac  they  can  play 
everything  through  their  smartphone,  iPod 
or  iPad. 


In  our  testing,  we  were  also  able  to  project 
some  apps  on  the  iPad  through  the  projector 
as  well.  For  example,  we  could  watch  You¬ 
Tube  videos  and  stream  Netflix  content  from 
the  iPad  app  to  the  projector.  We  could  also 
display  our  Keynote  presentations  through 
the  projector.  Unfortunately,  not  all  apps 
allowed  for  external  projection  —  our  ABC 
Player  app  (which  streams  ABC  television 
content)  couldn’t  project,  so  it’s  possible 
that  some  apps  will  only  display  through 
the  iPod’s/iPad’s  display  rather  than  the 
projector. 

Picture  quality  from  the  projector  was 
very  good,  and  it  was  easy  to  adjust  the  focus, 
zoom  and  keystone  settings  that  adjust  the 
vertical  and  horizontal  frame  of  the  projec¬ 
tion.  The  unit  cooled  down  pretty 
quickly  as  well,  allowing  for 
quick  setup  and  packing  up 
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Network  World's  forum  on  Linkedln  is  the  place  for 
network  and  IT  professionals  to  offer  each  other  advice 
and  discuss  the  networking  news  of  the  day.  Network 
World  editors  are  on  hand  to  ensure  that  the  group 
remains  free  of  spam  and  vendor  spin,  and  to  give  their 
take  on  what's  important  in  networking.  Occasionally, 
they'll  poll  the  group  on  controversial  issues  and  you 
can  make  your  voice  heard. 

Ask  a  question.  Post  a  job  listing.  Connect  with 
peers.  Join  Today! 

www.networkworld.com/linkedin 


WI  FI  WIRELESS  ROUTERS 

Linksys  prevails  in  dual-band  duel 

Asus  is  tops  in  performance,  style  among  six  vendors 


BYWAYNERASH 

Wireless  routers  are  always 
something  of  a  mystery. 
They  combine  a  number  of 
features  into  a  single  box 
and  are  usually  complex  to 
set  up,  but  require  little  attention  after  that. 

Set  up  properly,  they  can  provide  high-speed 
wired  and  wireless  access  to  a  wide  range  of 
devices,  securely  connect  to  storage  and  print¬ 
ers,  route  between  parts  of  your  internal  net¬ 
work  and  protect  against  hackers. 

If  that  sounds  like  a  tall  order,  it  is.  That  is 
why  wireless  routers  tend  to  be  one  of  the 
more  frequently  returned  items  in  general 
use.  Wireless  routers  are  also  inconsistent  in 
the  services  they  offer,  the  way  those  services 
are  presented  to  users,  the  ease  with  which 
they  are  enabled  or  disabled  and  the  ease  with 
which  they  can  be  found  and  made  available 
by  the  system  administrator. 

The  wireless  routers  in  this  test  all  share 
certain  features,  however.  They  are  all  dual¬ 
band  wireless  routers  meeting  the  802. lln 
standard  .  Each  has  four  Ethernet  ports,  and 
a  port  for  your  Internet  connection.  All  are 
designed  for  some  sort  of  automated  setup, 
and  all  will  provide  adequate  service  in  a 
moderately  sized  office.  Dual-band  routers 
transmit  and  receive  on  2.4GHz  and  on  5GHz 
at  the  same  time. 

We  tested  products  from  Linksys,  Asus, 
Netgear,  Belkin,  EnGenius  and  Trendnet.  In 
addition  to  looking  at  setup,  documentation, 
manageability  and  feature  sets,  we  conducted 
performance  tests  to  see  how  far  the  router 
could  deliver  a  streaming  music  video  to  a 
laptop  before  data  loss  became  apparent,  and 


CLEAR 

CHQIQE 

TESTA^ 

how  far  the  router  could  deliver  ping  packets 
before  packet  loss  occurred. 

Our  Clear  Choice  Test  winner  is  the  Link¬ 
sys  router,  which  offered  the  best  combina¬ 
tion  of  distance,  speed,  flexibility  and  security. 
And  it’s  future-proofed  through  support  for 
IPv6.  However,  it  was  relatively  expensive. 
And  we  did  find  some  minor  flaws,  such  as 
the  lack  of  status  lights. 

A  close  second  is  the  stylish  Asus  RT-N56U. 
While  it  doesn’t  have  IPv6  support,  the  Asus 
does  everything  else  well,  and  won  our  per¬ 
formance  tests.  One  minor  quibble:  Its  stand 
is  a  little  flimsy,  so  it  tends  to  physically  fall 
over.  But  a  little  duct  tape  can  fix  that. 

The  Netgear  N600,  with  its  included  asym¬ 
metrical  DSL  (ADSL)  modem,  can  simplify 
the  implementation  for  users  who  have  DSL 
lines,  but  it’s  less  useful  for  other  types  of 
Internet  service.  The  Belkin  device  had  some 
hiccups  when  it  came  to  setup,  and  its  secu¬ 
rity  features  weren’t  the  strongest,  but  it  did 
perform  well  at  2.4GHz. 

EnGenius  is  the  low-cost  alternative.  It’s  not 
as  feature-rich  and  polished  as  the  others,  and 
performance  wasn’t  as  strong,  but  in  some 
cases  it’s  half  the  price  of  a  competing  product. 

Trendnet  was  the  only  product  with  exter¬ 
nal  antennas.  However,  they  didn’t  translate 


into  a  performance  advantage. 

We  found  that  all  of  the  devices  provide 
adequate  Internet  access.  But  be  aware  of 
the  limitations  each  has  shown.  Even  though 
your  work  or  home  environment  is  certain  to 
be  different  from  the  test  lab,  the  relative  per¬ 
formance  should  be  approximately  the  same. 
In  other  words,  a  router  that  didn’t  work  well 
at  5GHz  in  the  test  probably  won’t  work  well 
at  5GHz  for  you,  either. 

Here  are  the  individual  reviews: 

ASUS:  Best  performance 

The  Asus  RT-N56U  wireless 
router  probably  would  win 
the  Network  World  style  award, 
if  we  had  one.  This  very  thin, 
shimmering  black  rectangle 
harkens  back  to  the  Monolith 
of  “2001:  A  Space  Odyssey” 
as  it  sits  at  a  slight  angle  in  the 
equipment  rack  with  a  row  of 
blue  LEDs  shining  from  beneath  its  surface. 

The  device  stands  on  a  short  support  that 
you  install  before  you  set  up  the  router.  It 
looks  nice,  but  it’s  not  very  stable  —  by  the 
time  you  attach  a  couple  of  Cat  5  Ethernet 
cables,  it’ll  fall  over  if  you  let  it. 

The  Asus  device  includes  a  pair  of  USB 
ports.  The  four  Ethernet  ports  support  Giga¬ 
bit  Ethernet.  According  to  the  published  specs, 
the  router  will  handle  up  to  30,000  concur¬ 
rent  sessions,  a  feature  we  weren’t  able  to  test. 
This  router  is  able  to  support  a  USB-attached 
hard  drive,  and  it  will  make  it  available  to  the 
internal  network  as  a  Windows  server  device 
or  an  FTP  device,  and  to  the  outside  world  as 
an  FTP  device.  The  Asus  supports  port  map¬ 
ping  and  has  DMZ  support  and  a  built-in 
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Product 

Price 

Pros 

Cons 

Asus  RT-N56U 

$129.99 

Sleek  design,  strong  performance,  good 
security.  Supports  beam  forming. 

Tends  to  fall  over. 

Belkin  N750DB 

$129.99 

Strong  performance  at  2.4  GHz.  Setup  includes 
instructions  to  cycle  the  modem. 

5GHz  performance  is  weak.  Some  security 
features  are  missing.  Setup  utility  didn’t  work. 

EnGenius  ESR7750 

$79.99 

Relatively  inexpensive.  Status  lights 
are  easy  to  see  and  interpret. 

Does  not  support  Gigabit  Ethernet,  no  USB  support, 
must  stand  device  on  front  edge  to  get  best  range. 

Linksys  E4200 

$179.99 

Full  3-stream  Wi-Fi  delivers  600Mbps.  Supports  IPv6.  Long 
range  on  both  bands.  Easy  setup.  Strong  security  and  firewall. 

No  status  lights  on  front  makes  diagnosis  difficult. 

Netgear  N600 
DGND3700 

$149.99 

Includes  ADSL2+  modem.  Broadband  usage 
meter.  Good  range  and  speed.  Easy  to  manage. 

Includes  USB  for  storage  and  print. 

Setup  wizard  has  limited  functionality  and  did  not  work 
according  to  manual.  USB  devices  did  not  work  during  testing. 

Trendnet 

TEW-673GRU 

$  208.99 

Has  LCD  screen  and  control  panel  for  administration. 

USB  support.  Easy  to  manage.  Supports  enterprise  security. 

Poor  5GHz  performance.  External  antennas  limit  physical 
location.  Disk  and  printer  use  require  utilities;  only  one 
user  can  attach  to  storage  and  printing  at  a  time. 
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Nothing  speeds  the  pace  of  business  like  collaboration. 

This  is  why  Avaya  is  dedicated  to  delivering  products  that  allow  the  right  people 
to  share  the  right  information  in  real  time.  Because  faster  collaboration  leads  to 
smarter  decisions.  And  smarter  decisions  are  a  sure  path  to  a  better  business. 


Learn  how  real-time  collaboration  can  improve  your  business  at 
avaya.com/thepowerofwe. 
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firewall.  Asus  includes  provisions 
for  an  external  URL  via  the  Asus 
website  for  supporting  external 
access. 

This  device  uses  beam  forming 
on  SGHz,  which  was  very  effective 
and  allowed  uninterrupted  view¬ 
ing  of  the  test  music  video  for  a  lon¬ 
ger  distance  than  any  other  device 
in  this  test.  Using  Fluke  Networks’ 

AirCheck  Wi-Fi  tester,  we  found 
that  the  Asus  device  would  support 
ping  traffic  without  packet  loss  for 
the  longest  distance  of  any  device  at 
2.4GHz.  Beam  forming  is  a  means 
of  managing  the  phase  relation¬ 
ship  among  multiple  antennas  to 
effectively  steer  the  radio  energy  to 
a  specific  point  in  space. 

The  management  screen  is 
somewhat  different  from  the  other 
devices,  presenting  a  network  map 
of  all  USB-attached  devices  and  all  devices 
attached  over  the  network.  Most  settings  are 
available  through  links  or  buttons  on  the 
router’s  main  page,  available  after  sign-in. 

Setup  is  managed  by  a  CD-based  Win¬ 
dows  program,  or  by  a  Web  page  for  Mac  or 
Linux  setup  using  its  Quick  Internet  Setup 
wizard.  The  included  wizard  does  tell  you  to 
power-cycle  your  Internet  interface  before 
proceeding.  The  entire  process  is  fairly  non- 
dramatic.  Once  the  basic  setup  is  complete, 
you  can  browse  to  the  router’s  IP  address  to 
continue  the  setup  process.  The  management 
pages  are  well  designed  and  intuitive.  The 
router  includes  a  Telnet  server  and  supports 
RADIUS  authentication. 

The  advanced  settings  are  reached  by 
choosing  a  series  of  links  rather  than  tabs  or 
buttons  on  the  other  devices.  This  does  not 
affect  the  usability.  This  device  does  not  sup¬ 
port  IPv6  and  will  not  pass  IPv6  packets. 

The  included  firewall  has  intrusion  detec¬ 
tion,  stateful  packet  inspection,  logging  and  a 
number  of  other  features.  The  included  traffic 
monitor  has  a  graphical  presentation  on  the 
internal  Web  pages.  The  claimed  300Mbps 
maximum  bandwidth  was  confirmed  by  the 
Fluke  AirCheck. 

Beikin:  Strong 
2.4GHz  performance 

The  Belkin  N750  DB  is  a  vertically 
mounted  device  with  ovoid  sides 
that  sits  on  its  bottom  edge  with 
an  attached  stand.  It  includes 
four  Gigabit  Ethernet  ports  and 
two  USB  ports  for  storage  or  printing. 

This  device  includes  beam  forming,  but 
that  feature  apparently  only  works  at  2.4GHz. 


We  streamed  a 
music  video  from 
each  dual-band  Wi-Fi 
router  to  a  laptop  and 
measured  the  distance  in 
feet  at  which  data  loss 
became  apparent.  The  test 
range  included  one  exterior 
wall.  Measurements  were 
performed  at  2.4GHz  or  5GHz 
or  both,  depending  on  which 
produced  the  best  results.  Some 
devices  required  the  use  of  both 
bands  simultaneously. 


NOTE:  TESTING  WAS  PERFORMED  IN  A  LAB  SETTING,  SO  YOJR  MILEAGE  WILL 
CERTAINLY  VARY.  THESE  NUMBERS  ARE  FOR  COMPARISON  PURPOSES  ONLY. 


Streaming  video  worked  at  2.4GHz  for  virtu¬ 
ally  the  same  distance  as  the  Linksys  (about 
250  feet  downrange)  but  the  distance  sup¬ 
ported  at  SGHz  was  only  about  50  feet.  The 
AirCheck  ping  test  at  2.4GHz  was  longer  than 
most  others. 

The  Belkin  N750  DB  includes  a  wireless 
setup  utility  along  with  instructions  to  power- 
cycle  the  cable  modem  or  other  Internet  inter¬ 
face  device.  However,  the  setup  utility  did  not 
work.  Browsing  to  the  router’s  IP  address  did 
provide  access  to  the  main  configuration  page 
which  initially  does  not  include  a  password. 
Setup  supports  Windows,  Mac  and  Linux. 

The  router  comes  with  four  applications: 
Self-Healing,  Video  Mover,  Print  Zone  and 
Memory  Safe.  Self-Healing  provides  routine 
maintenance  scans  of  the  network  and  pres¬ 
ents  on-screen  notifications.  Memory  Safe  is 
a  backup  manager.  Print  Zone  handles  print¬ 
ers  on  the  network,  and  Video  Mover  can  send 
stored  movies  to  an  802.11n  TV  or  Blu-ray 
player. 

There  is  no  disk  management  utility  on  the 
router’s  management  page.  The  USB  storage 
did  not  appear  to  recognize  the  Toshiba  USB 
1TB  drive  used  in  testing,  or  any  other  USB 
storage  device  we  tried.  Security  features 
do  not  include  blacklists  or  whitelists,  and 
there’s  no  means  for  preventing  denial-of- 
service  (DoS)  attacks.  This  router  required  a 
firmware  update  during  testing,  but  did  not 
provide  clear  instructions. 

Testing  showed  that  output  power  was 
lower  than  other  devices  when  the  device  was 
idling.  This  meant  that  initiating  a  connection 
from  even  fairly  short  distances  was  difficult. 
However,  the  device  would  maintain  a  connec¬ 
tion  to  much  longer  distances.  Even  at  short 


Hi , 


distances,  beam  forming  was  evident 
when  FTP  tests  showed  that  data  was 
transferred  about  20%  faster  than 
most  other  devices  at  2.4GHz.  But  at 
5GHz,  performance  was  poor. 

Streaming  media  worked  best 
when  both  2.4GHz  and  5GHz  were 
available  on  the  computer  that  was 
being  used  for  testing.  Single-band 
use  alone  was  less  effective. 

The  N750  DB  does  not  support 
IPv6  and  does  not  pass  IPv6  packets. 

EnGenius:  Low- 
cost  alternative 

At  $79.99,  the  EnGenius  ESR7750 
was  significantly  less  expensive 
than  the  other  products  in  this  test. 
Performancewise,  EnGenius  was  at 
the  lower  end  of  the  spectrum.  And 
it  was  the  only  device  in  this  test  that 
didn’t  support  Gigabit  Ethernet. 

The  ESR7750  includes 
a  firmware-based  setup 
wizard.  A  slip  of  paper 
included  with  the  device 
explains  how  to  invoke  the 
firmware.  In  this  case  you  attach  the  router  to 
your  Internet  connection  (cable  or  DSL  inter¬ 
face)  with  the  included  cable.  Then  attach  your 
computer  to  one  of  the  ports  on  the  network 
switch.  Plug  in  the  device,  power  it  on  and  start 
your  computer.  Theoretically,  that’s  it. 

While  the  instructions  don’t  tell  you  to 
power-cycle  your  Internet  interface  device, 
you  should.  Once  the  ESR7750  gets  a  net¬ 
work  address,  you  can  log  into  it,  assuming 
your  computer  is  using  DHCP  (this  isn’t 
mentioned  in  the  instructions  either),  and 
browsing  to  the  device  and  entering  the  user 
name  and  password.  The  default  address, 
user  name  and  password  are  printed  on  the 
bottom  of  the  device.  Once  you’re  in,  the  setup 
wizard  starts  automatically. 

The  setup  wizard  lets  you  perform  a  basic 
configuration  including  the  role  of  the  device, 
the  SSID,  level  of  security  and  passphrase, 
and  lets  you  set  a  new  password.  Once  you’ve 
finished  the  setup,  you  can  browse  to  the  rout¬ 
er’s  address  and  a  built-in  Web  page  lets  you 
handle  the  setup  and  administration. 

The  ESR7750  provides  a  wide  range  of  set¬ 
tings,  including  for  both  the  2.4GHz  and  5GHz 
portions  of  the  router,  a  firewall  and  features 
such  as  network  address  translation  (NAT), 
port  mapping  and  QoS.  The  firewall  lets  you 
enable  a  DMZ  and  turn  on  DoS  protection, 
along  with  a  variety  of  other  security  features. 

The  ESR7750  worked  well,  but  was  able 
to  provide  service  over  only  a  relatively  short 
range.  An  included  note  suggested  that  it  be 
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CLEAR  WI-FI  WIRELESS  ROUTERS 

CHOICE 

TESTi^ 


tested  with  the  device  positioned  vertically, 
which  was  done.  Apparently  the  internal 
antennas  are  positioned  so  that  they  radiate 
best  when  the  device  is  standing  on  its  front 
edge.  There’s  no  support  included  to  help  the 
device  stay  in  that  position. 

The  ESR7750  was  able  to  deliver  traf¬ 
fic  at  270Mbps  at  2.4GHz  according  to  the 
AirCheck,  but  surprisingly  only  delivered  at 
130Mbps  on  5GHz. 

The  ESR7750  does  not  support  IPv6  and 
does  not  pass  IPv6  packets. 

Linksys:  A  step  beyond 

The  Linksys  E4200  is  a  step 
beyond  the  other  wireless 
routers  in  this  test  in  a  number 
of  important  ways.  This  is  the  only 
device  that  supports  a  3x3  MIMO  antenna 
system,  which  allows  three  spatial  streams. 
It’s  also  the  only  router  with  full  support  for 
IPv6,  including  a  built-in  IPv6  firewall.  The 
Linksys  E4200  is  a  sleek,  shelf-hugging 
design  in  charcoal  gray,  but  it  would  be  bet¬ 
ter  if  it  was  a  little  less  sleek  so  that  the  device 
could  accommodate  status  lights  on  the  front 
to  make  diagnosis  easier. 

The  initial  setup  of  the  E4200  was  the  easi¬ 
est  of  this  bunch.  You  only  need  to  insert  the 
included  CD-ROM  into  your  laptop,  connect 
to  the  Internet  and  power-cycle  the  device. 
Once  that’s  done,  the  setup  is  accomplished 
wirelessly.  The  setup  wizard  includes  a  series 
of  common  scenarios.  Choose  one  and  the 
setup  wizard  will  ask  a  few  questions  and  fin¬ 
ish  the  job.  One  caveat:  Don’t  change  the  LAN 
IP  address  until  everything  else  is  finished  or 
the  wizard  will  stop  working. 

One  security  improvement  is  that  the 
default  SSID  is  no  longer  “Linksys.”  Cisco 
has  apparently  supplied  a  random  set  of 
words  for  the  SSID,  and  the  router  will  come 
equipped  with  one  of  those.  You  can,  of  course, 
change  it  during  the  setup  process. 

Unlike  some  of  the  other  devices  in  this 
test,  the  E4200  does  not  treat  SGHz  as  an 
afterthought.  Streaming  media  worked  up  to 
265  feet  on  the  test  range  before  there  was  any 
evidence  of  loss.  The  AirCheck’s  testing  with 
ping  packets  showed  minor  loss  on  2.4GHz 
at  200  feet,  but  the  losses  stayed  minimal  for 
another  50  feet.  File  transfer  times  increased 
over  even  modest  distances,  as  was  the  case 
with  the  other  devices  in  this  test. 

Once  you’ve  made  it  through  the  setup  wiz¬ 
ard,  the  router’s  management  interface  is  just 
like  all  of  the  other  Linksys  routers  you’ve  seen. 
Obviously  there  are  some  differences  because 
you  have  to  manage  two  radios  as  well  as  IPv4 
and  IPv6,  but  the  changes  are  intuitive,  and 
you’ll  recognize  the  features  of  the  interface. 


The  E4200  includes  a  number  of  useful 
security  features.  You  can  set  whitelists  and 
blacklists,  and  you  have  the  option  of  using  a 
guest  account  that  will  provide  limited  privi¬ 
leges  but  will  let  visitors  access  the  Internet. 
There  are  complete  firewall  functions  for  IPv4 
and  IPv6.  You  have  complete  control  over  most 
common  firewall  features.  This  device  also 
supports  port  forwarding  and  has  a  DMZ 
capability,  QoS  support  and  specific  settings 
for  gaming. 

The  E4200  also  includes  a  USB  port  that 
will  support  the  devices  available  in  the  lab, 
including  a  1TB  Toshiba  drive,  and  it  will 
provide  FTP  access  to  storage.  You  can  let  the 
router  provide  access  to  storage  for  external 
connections,  but  you  can  also  keep  it  internal. 
The  router  includes  a  storage  management 
interface  so  that  you  know  what’s  attached  and 
provide  access  as  needed. 

Netgear:  Good  value 

The  Netgear  N600  DGND3700 
wireless  router  includes  an 
ADSL  modem  as  well  as  an 
Ethernet  port.  We  did  not  test 
the  ADSL  modem.  The  device 
includes  a  setup  wizard  that 
does  little  except  help  set  the  router  name 
and  determine  the  type  of  Internet  connec¬ 
tion.  You  must  set  the  SSID,  security  and  IP 
address.  The  router  required  several  tries  to 
obtain  an  IP  address  from  the  cable  provider 
used  for  this  testing. 

The  router  provides  logging  and  allows  port 
forwarding,  and  you  can  set  up  blacklists  in 
the  firewall.  One  nice  feature  is  that  the  router 
will  send  you  an  email  if  it  detects  malicious 
port  scanning  or  a  DoS  attack,  and  the  email 
will  include  logs  that  relate  to  the  attack. 

Testing  of  the  N600  showed  that  it  had 
ranges  somewhat  shorter  than  the  best  of  this 
test,  but  they  weren’t  so  short  as  to  limit  the 
usefulness  of  the  device.  The  management 
interface  is  straightforward  and  intuitive. 
The  most  obvious  difference  is  that  it  contains 
settings  for  the  ADSL  modem. 

The  N600  includes  a  USB  port  for  sharing 
storage  or  printers,  but  it  did  not  work  with 
any  of  the  devices  in  the  lab  that  we  tested. 
The  management  software  didn’t  provide  any 
help  with  regard  to  the  USB  device. 

It’s  a  solid  device  that  provides  good  value 
if  you  need  the  included  modem.  However,  it 
does  not  support  IPv6. 

Trendnet:  Location-sensitive 

The  Trendnet  TEW-673GRU  is  the  only  wire¬ 
less  router  in  this  test  with  external  antennas. 
It’s  also  the  only  device  in  this  test  with  exter¬ 
nal  controls  and  an  LCD  panel.  The  external 


antennas  make  the  router 
more  location-sensitive 
than  some  of  the  other 
devices  in  this  test.  In  this 
case,  the  router  worked 
best  by  exposing  the  rear  of  the  device  at  the 
front  of  the  equipment  rack  so  the  antennas 
protruded  into  free  space.  Unfortunately,  this 
also  had  the  effect  of  making  the  LCD  panel 
difficult  to  see  and  the  controls  hard  to  reach. 

However,  the  existence  of  the  controls 
proved  to  be  handy  when  an  install  failure  left 
the  router  in  an  indeterminate  state.  I  was  able 
to  restore  it  to  factory  defaults  simply  by  choos¬ 
ing  that  on  the  on-screen  menu.  While  all  these 
devices  have  a  reset  switch  behind  a  hole  in  the 
rear,  those  resets  don’t  always  work. 

The  TEW-673  includes  a  setup  wizard 
which  runs  automatically  when  you  browse 
to  the  router  and  log  in.  The  step-by-step 
instructions  are  detailed,  but  they  miss  the 
requirement  to  power-cycle  the  Internet 
interface,  and  if  you  don’t  do  that,  the  install 
will  fail.  Once  it  runs,  the  setup  wizard  does 
very  little,  so  you  must  select  the  SSID,  IP 
address  and  security  settings  yourself. 

The  TEW-673  includes  a  USB  interface 
with  significant  limitations.  You  can  attach 
storage  to  the  device,  but  you  must  use  spe¬ 
cial  drivers  on  either  the  PC  or  the  Mac  to 
use  it.  Likewise,  there’s  a  driver  for  using  an 
attached  printer.  However,  only  one  user  can 
attach  to  storage  or  printing  at  a  time. 

Performance,  especially  at  5GHz,  was  poor. 
We  were  unable  to  reach  the  router  at  dis¬ 
tances  as  short  as  50  feet  for  file  transfer  tests, 
and  video  streaming  at  5GHz  would  not  work 
beyond  that  distance.  The  AirCheck  ping  test 
showed  packet  loss  at  much  less  than  50  feet. 
The  2.4GHz  side  of  this  router  showed  bet¬ 
ter  performance  with  streaming  content  loss 
occurring  at  about  175  feet.  The  router  uses  two 
channels  at  2.4GHz  to  provide  better  through¬ 
put.  Bottom  line:  The  external  antennas  didn’t 
provide  any  performance  or  distance  boost 
over  other  devices  with  internal  antennas. 

The  management  interface  does  provide 
context-sensitive  help,  but  the  help  isn’t  very 
helpful.  As  a  result,  the  device  will  let  you 
adjust  your  security  settings  so  they’re  incom¬ 
patible  with  802.11n  without  telling  you,  and 
without  any  indication  of  the  proper  settings. 

The  included  firewall  and  security  features 
are  suitable  for  home  or  small  business  use. 
The  device  supports  whitelisting  and  black¬ 
listing,  RADIUS  authentication,  VPN,  port 
forwarding  and  stateful  packet  inspection. 
The  router  does  not  support  IPv6.  ■ 

Rash  is  a  freelance  writer  living  in  Virginia.  He 
can  be  reached  at  wrash@mindspring.com. 
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IT  consumerization:  It’s  biblical! 


ONCE  UPON  a  time,  IT  said  unto  select 
employees  (in  biblical  tones):  “Thou  lucky 
employee,  thou  shalt  have  this  very  expen¬ 
sive  cellphone  (sign  here)  and  thou  shalt  want  no  other.  Go  forth  and 
communicate,”  adding,  “and,  lo,  thou  shalt  also  have  this  very  expen¬ 
sive  laptop  (sign  here  as  well)  and  thou  better  not  break  it,  buster.  Now, 
go  forth  and  lug  it  around  the  country  and  give  presentations  and 
whatever  else  it  is  you  do.  Begone.” 

And  verily  did  the  employees  go  forth  and  do  their  thing  using  the 
very  expensive  tools  that  had  been  delivered  unto  them  and  they  were 
fairly  happy. 

But  it  came  to  pass  that  these  very  expensive  tools  became  less 
expensive  and  were  improved  so  they  could  do  a  lot  more  tasks  and 
then,  soon  thereafter,  they  became  even  less  expensive  and  even  more 
capable  until,  lo,  they  became  dead  cheap  and  really  powerful. 

The  employees  looked  upon  these  tools  and  said,  “Verily,  these  are 
so  cheap  I’ll  buy  one  for  myself  and  yet  more  for  my  family ...  oh,  and 
you  know  what,  they  are  better  than  what  I  have  at  work  so  I  will  take 
all  these  gnarly  digital  gadgets  with  me  to  the  office.”  And  thus  did  the 
consumers  learn  the  term  “wOOt!” 

And  so  was  born  yet  another  headache  for  IT:  The  consumerization 
of  information  technology. 

If  you’re  in  IT,  you’ve  been  battling  the  tsunami  of  smartphones,  lap¬ 
tops,  Wi-Fi  access  points,  USB  drives,  cheap  printers  and  so  on  that 
have  flooded  into  the  enterprise  and  made  your  lives  more  difficult. 

Your  users  have  had  the  nerve  to  think  that  they  can  just  copy  files 
they  need  onto  their  personal  iDevices  or  their  nerd  sticks  so  they  can 


do  work  at  home.  They  mail  confidential  documents  to  their  co-work¬ 
ers’  smartphones  and  stuff  sensitive  corporate  data  onto  their  pocket- 
size  USB  drives. 

And  worse  than  that,  many  of  your  users  got  tech-sawy.  Where  you 
could  once  tell  them  “X  can’t  be  done”  and  expect  them  to  leave  you 
alone,  they  now  argue  with  you  and  show  you  some  App  Store  widget 
that  does  what  they  want  for  $4.99!  If  you  try  to  explain  that  this  is  in 
no  way  enterprise-grade,  they  point  out  that  they  really  don’t  care  and 
you  can’t  stop  them. 

And  to  make  matters  worse,  along  comes  all  this  cloud  hoo-ha.  Cloud 
was  once  for  the  big  boys  only.  It  was  enterprise  stuff  and  it  was  tricky, 
complex  and  spendy.  But  Google  and  a  slew  of  others  made  storage  and 
email  available  to  all  for  nothing,  and  now  Apple  has  joined  the  fray 
with  iCloud,  exponentially  complicating  your  life. 

And  it  is  this  combination  of,  well,  “stuff,”  that  is  going  to  make  your 
life,  for  want  of  a  better  word,  interesting.  You  know  what  the  end  user 
side  of  the  IT  world  of  your  future  will  look  like?  Nothing  but  wire¬ 
less,  iPhones  and  iPads,  cheap  software,  data  all  over  the  place,  and 
security  strategies  full  of  holes.  And  may  the  gods  help  you  if  you’re 
in  a  regulated  industry. 

There’s  only  one  answer:  Adapt.  Embrace  the  change.  Be  flexible.  It’s 
like  you’re  tied  to  the  tracks  of  the  enterprise  and  the  freight  train  of  the 
future  is  coming  at  you  and  it’s  not  only  got  no  brakes,  someone  has 
jammed  the  throttle  full  on.  Now,  that’s  biblical.  N 

Gibbs  sees  the  future  in  Ventura,  Calif.  Your  predictions  to  backspin@ 
gibbs.com. 
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Stallman  parody  site  catches  Stallman’s  eye 


A  RECENT  online  posting  of  Richard  Stall¬ 
man’s  astonishingly  long  set  of  instructions 
for  those  who  would  hire  him  as  an  event 
speaker  has  spawned  a  parody  website  —  The  Stallman  Dialogues  —  as 
well  as  some  debate  over  the  propriety  of  people  poking  fun  at  the  enig¬ 
matic  and  controversial  founder  of  the  Free  Software  Foundation. 

Stallman  himself  has  an  opinion  on  the  latter  issue,  which  we’ll  get 
to  in  a  minute. 

First,  there’s  the  instruction  manual  —  we’ll  call  it  the  “How  to  Hire 
Richard  Stallman  Manifesto”  —  which  covers  everything  from  his 
preferences  in  air  travel  —  coach  over  business  class,  with  the  caveat 
that  he  would  appreciate  being  paid  the  difference  in  the  fares;  hotels 
—  he  hates  them  and  would  prefer  someone’s  couch;  beverages  —  tea 
with  milk  and  sugar,  unless  it’s  tea  he  really  likes  (oddly  unspecified), 
in  which  case  no  milk  or  sugar  is  necessary,  and  non-diet  Pepsi  rather 
than  Coke,  since  he  dislikes  the  taste  of  all  diet  soda  and  he’s  boycotting 
Coca-Cola;  audio-visual  equipment  —  a  microphone  only;  proper  use 
of  "free  software”  nomenclature  —  a  dissertation  unto  itself;  pre-event 
publicity,  press  coverage,  signage,  social  obligations,  sightseeing  likes 
and  dislikes,  and ...  I  could  go  on,  because  he  goes  on  and  on  and  on. 

It’s  roughly  9,000  words,  which  would  fill  20  pages.  Some  see  all 
ego  and  arrogance  in  the  document.  But  I  see  it  also  as  the  accumulated 
plead  ings  of  a  man  who  knows  he  can  be  a  handful  and  figures  the  best 
way  to  help  others  deal  with  (and  please  him)  is  candid  and  complete 
disclosure.  He’s  doing  you  a  favor,  too,  in  essence. 

And  while  the  document  has  been  seen  on  the  Internet  before,  this 
time  it  inspired  someone  to  launch  The  Stallman  Dialogues. 


The  site  encourages  readers  to  create  and  submit  their  own  fictitious 
dialogues  between  Stallman  and  a  “friendly  conference  organizer” 
based  on  factual  snippets  pulled  from  the  “How  to  Hire  Richard  Stall- 
man  Manifesto.”  Here’s  one  example  involving  Stallman’s  warning  to 
those  hosts  who  might  deem  it  necessary  to  offer  him  help  in  safely 
negotiating  his  way  across  a  daunting  urban  intersection: 

Friendly  conference  organizer:  Mr.  Stallman,  want  to  hear  a  joke? 

Stallman:  Sure. 

Friendly  conference  organizer:  Why  did  the  chicken  cross  the  road? 

Stallman: ... 

Friendly  conference  organizer:  To  get  to  ... 

Stallman:  [interrupting]  One  situation  where  I  do  not  need  help,  let 
alone  supervision,  is  in  crossing  streets. 

Friendly  conference  organizer: ...  it’s  a  joke. 

Subtle,  to  be  sure,  and  I  would  suggest  that  this  one  and  most  all  of 
the  other  parody  entries  are  far  better  appreciated  if  you’ve  read  the 
full  “How  to  Hire  Richard  Stallman  Manifesto.” 

But  not  everyone  is  amused.  When  someone  submitted  the  parody 
site  to  Reddit,  there  was  disagreement  as  to  whether  it  was  fair  or  foul. 
Figuring  Stallman  would  be  best  equipped  to  make  that  judgment,  I 
sent  him  an  email  asking  if  he’d  seen  “The  Stallman  Dialogues”  and  if 
so  what  he  thought  of  it.  His  reply:  “I  saw  it  just  a  few  minutes  ago.  I’m 
going  to  put  a  link  to  it  from  the  humor  section  in  stallman.org.” 

Guess  that  settles  that.  ■ 

I'm  well  aware  that  not  everyone  finds  Stallman  amusing  either. 
Comments  to  buzz@nww.com. 
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Over  400  highly  logical  reasons  to  choose  IBM  WebSphere'"’  over  Oracle  WebLogic®: 

1.  Save  57%  on  first-year  licensing  and  support. 

2.  Choose  from  more  virtualization  options  (including  VMware  and  Xen). 

3.  Pay  only  for  cores  you  use  (not  always  true  with  Oracle  WebLogic). 

4-404.  Be  in  good  company  (last  year,  over  400  Oracle  WebLogic  clients 
chose  IBM  WebSphere). 

ibm.com/facts 
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SAVINGS  based  on  publicly  available  information  as  of  6/13/2011  comparing  Oracle  WebLogic  Server  Enterprise  Edition  to  IBM  WebSphere  Application  Server  Network  Deployment,  both  on  an  IBM  Power1 730  Express 
server  (2  chips,  8  cores  each).  IBM.  the  IBM  logo,  ibm.com,  WebSphere,  Smarter  Planet  and  the  planet  icon  are  trademarks  of  International  Business  Machines  Corp,  registered  in  many  jurisdictions  worldwide.  Other  product 
and  service  names  might  be  trademarks  of  IBM  or  other  companies.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at  www.ibm.com/legal/copytrade.shtml.  ©  International  Business  Machines  Corporation  2011. 
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Brocade  is  deploying  Ethernet  fabric  solutions  today. 
From  increased  automation  to  more  scalable  and 
resilient  network  architectures,  Brocade  Ethernet 
fabrics  flatten  your  network.  In  fact,  you  can  manage 
the  entire  fabric  as  one  single,  logical  entity. 

dramatically  more  automated  network. 

Reduce  complexity  and  experience  a  network  that  works 
the  way  you  always  imagined  it  should.  Brocade  Ethernet 
fabrics  enable  cloud-optimized  networks  that  make 
your  business  more  agile.  That’s  why  90%  of  the  Global 
1000  already  rely  on  Brocade. 

j.  Find  out  what  Brocade  customers  already  know. 

Visit  brocade.com/everywhere 
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